After the end of the EU Privacy Shield, according to the will of the European Union Commission with new clauses, the transfer of customer information from Europe to third countries should remain at least partially possible.
Dealing With Requests From Foreign Authorities
The EU privacy declared the data security shield with the USA to be too complete of gaps in Summer and overturned it. The judges found that laws there such as the Foreign Intelligence Surveillance enabled mass surveillance by security. The data security principle in the United States does not correspond to that in the European Union.
According to the Commission, the new transfer clauses should provide additional guarantees in order to regulate any effects of the laws of the third country of destination on the compliance of the importer. Above all, it is important to clarify how this is to be dealt with when authorities in third countries make a binding request for the disclosure of personal information.
Those Hacked Should Be Notified
The data importer should promise to notify those affected immediately if they receive a binding request from an authority for the release of individual data. If he is prohibited from doing this, he must make every effort to lift the ban. In addition, the entity that obtains the information should exhaust all available legal remedies.
Define Responsibilities
The European data security officers also find a few things to criticize in the Commission’s draft for protection clauses between companies or authorities based in the EU. But you are also pushing for a few improvements here. For example, the interaction between the two files should be simplified and expanded with the docking clause.
There were intensive negotiations on the statements. The European position can be found in many parts of the papers. The accepted proposal could bring security for exchange with countries outside the European Area without making restrictions on data security. The Commission intends to adopt the text of the revised clauses as soon as possible, taking into account inputs from a consultation.
