Trans-Atlantic Data Privacy Framework Overview

In March of 2022, the European Commission and the United States reached a preliminary agreement for a Trans-Atlantic Data Privacy Framework. This agreement was based on several key principles that aim to enable data to flow freely and safely between the EU and participating U.S. companies, while also limiting access to data by U.S. intelligence authorities to only what is necessary and proportionate for national security purposes.

Under the new framework, U.S. intelligence agencies will adopt procedures to ensure effective oversight of new privacy and civil liberties standards, and there will be a new two-tier redress system in place to investigate and resolve complaints of Europeans regarding access to data by U.S. intelligence authorities. This redress system includes a Data Protection Review Court.

Companies that process data transferred from the EU will have strong obligations and will be required to self-certify their adherence to the principles through the U.S. Department of Commerce. Additionally, there will be specific monitoring and review mechanisms in place.

The benefits of this deal include adequate protection of Europeans’ data transferred to the US, safe and secure data flows, a durable and reliable legal basis, a competitive digital economy, and continued data flows underpinning €900 billion in cross-border commerce every year.

Moving forward, the agreement in principle will be translated into legal documents, with the U.S. commitments being included in an Executive Order that will form the basis of a draft adequacy decision by the Commission to put in place the new Trans-Atlantic Data Privacy Framework.

To conclude, the Trans-Atlantic Data Privacy Framework agreement in principle is a significant development for both the EU and the U.S. It will enable data to flow freely and safely between these two regions while ensuring that the privacy and civil liberties of EU citizens are protected.

Privacy and Trust News

GuidanceU.S Privacy

Iowa Enacts Data Privacy Law

Iowa has recently become the sixth state in the United States to pass a comprehensive data privacy law. The law, which was signed by Governor Kim Reynolds (R) on Tuesday, aims to empower consumers to have more control over safeguarding their personal data. The Iowa...

Read More

GDPRGuidance

GDPR Regulations

Understanding the Requirements In 2018, the General Data Protection Regulation (GDPR) came into effect, marking a significant milestone in data privacy regulation. This regulation aimed to provide individuals with more control over their personal data and how it is...

Read More

GuidancePIPEDA

PIPEDA and its Principles

The Personal Information Protection and Electronic Documents Act (PIPEDA) lays down the foundation for collecting, using, and disclosing personal information while granting individuals the power to control how their information is handled in the private sector....

Read More

Helping your business exceed the compliance standard.

Our team of experienced privacy attorneys & certified privacy professionals have a proven track record of delivering privacy frameworks and data privacy solutions, tailored to your business needs.