What Is Privacy Shield Law?

Privacy Shield Law

Privacy Shield is the segment of privacy law that covers compliance with the legal data protection requirements of the European Union (EU) and/or Switzerland. The U.S. has two Privacy Shield Frameworks that American organizations can join. The EU-U.S. Privacy Shield Framework was created by the Department of Commerce and the European Commission, while the Swiss-U.S. Privacy Shield Framework was designed by the Department of Commerce with the Swiss government.

The Privacy Shield program addresses the transferring of personal data from specific countries to the United States during commerce. In 2016, the European Commission approved the EU-U.S. Privacy Shield Framework as adequate for transferring the personal data of EU individuals to the U.S. In 2017, the Swiss Government approved a Framework for compliance with Swiss requirements regarding data transfers. 

U.S.-based organizations may voluntarily join the Frameworks by self-certifying to the Department of Commerce and publicly committing to compliance—a commitment that is enforceable under U.S. law.