The EU – U.S. Privacy Shield signals greater cooperation between the EU Data Protection Authorities and the Federal Trade Commission, according to a Fact Sheet released by the Department of Commerce. U.S. businesses should focus on these key themes, primarily:
- EU individuals will have multiple no-cost avenues through which they can resolve concerns about how their data is used, including mandatory arbitration for U.S. companies.
- The Department of Commerce will supervise compliance with the Privacy Shield as well as assist in the dispute resolution process.
- U.S. companies participating in Privacy Shield will be bound to enhanced contractual privacy protections and oversight in order to transfer data to or have data processed by third parties.
This is only a hunch, but an educated hunch based on experience: when new avenues for addressing rights are given to people, they usually exercise them. Especially when they can do so for free.
Businesses, get ready to be in the crosshairs.
Shawn Tuma (@shawnetuma) is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud and data privacy law. He is a Cybersecurity & Data Protection Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.