Skip to main content

EU governments approve Privacy Shield

EU governments have approved the commercial data transfer pact between the European Union and the United States known as Privacy Shield, which will replace the Safe Harbour agreement.

European Union member state representatives voted in favour of the EU-US Privacy Shield which will support over $250 billion dollars of transatlantic trade in digital services. The agreement will do so by facilitating cross-border data transfers which have become crucial to international business and our ever-growing digital economy.

The European Commission will formally adopt Privacy Shield on Tuesday. This is excellent news for companies such as Google, Facebook and MasterCard that have been in a state of legal limbo after the European Court of Justice overturned Safe Harbour in 2015. The EU's top court decided to strike down the previous data transfer framework due to concerns that the US was not properly handling the data of EU citizens.

Privacy Shield differs from Safe Harbour in a number of ways as it places more oversight for data protection. EU citizens will be able issue complaints over how their data is used and American organisations will have to respond to these complaints within 45 days.

Privacy Shield will also be a “living mechanism” that will undergo annual reviews to ensure that it still adequately protects user data.

Richard Lack, director of sales, EMEA at Gigya commented: "With the EU-US Privacy Shield now finalised and approved by European governments, privacy compliance is now a necessity for all global brands. It’s important that businesses of all sizes understand the cost of non-compliance, as well as the price of manually managing policies in-house. For example, a recent Data Protection Compliance Report by IT Governance shows that monetary penalties were more severely enforced for online breaches and cyber-attacks, costing companies an average of £52,308 per incident.

"But lawmakers and institutions are not the only ones holding businesses accountable when it comes to data privacy – companies must also answer to their customers. As data becomes the linchpin of business success, consumers are growing increasingly wary of how their personal information is being used.

"As a response to the changing privacy environment, and the challenges involved with keeping customer data secure and legally compliant, many companies are now evaluating cloud-based customer identity and access management (CIAM) solutions, which can offload much of the cost, resources and risk from businesses when it comes to maintaining privacy compliance. A CIAM platform helps manage customer authentication, identities and data, saving significant development time and resources that would otherwise be spent managing regional privacy regulations.

"There’s no doubt about it: privacy can be pricey, but solutions exist to help businesses operate in the best possible way and not rack up sizeable costs because of non-compliance."

Image Credit: deepadesigns / Shutterstock

Anthony Spadafora
After living and working in South Korea for seven years, Anthony now resides in Houston, Texas where he writes about a variety of technology topics for ITProPortal.