Privacy Shield-Certified Organizations: Key Takeaways from the Privacy Shield Annual Review

The EU regulators’ recent report on the second annual review of the EU-US Privacy Shield provides some valuable compliance reminders for organizations that have certified or intend to certify to the Privacy Shield program. The report, which mainly focuses on the EU regulators’ ongoing concerns about the US government’s access to personal data and their desire to see more substantive certification reviews by the US government, details oversight efforts currently being undertaken by the Department of Commerce (Commerce) and the Federal Trade Commission (FTC). As the report makes clear, both Commerce and the FTC have significantly increased their oversight and enforcement of the Privacy Shield program. The report provides a useful roadmap for organizations to avoid getting caught in the US government’s enforcement crosshairs. 

Read our client alert.