Last September, shortly after Equifax disclosed a massive data breach, regulatory agencies moved quickly to adopt regulations intended to better protect consumers from data breaches. Last week, Congress took a first step toward codifying such protections.
Effective as of July 12, 2016, the European Union has implemented the new US-EU Privacy Shield (the “Privacy Shield”). The Privacy Shield permits US organizations to self-certify that they meet the requirements for protecting Europeans’ personal data (“EU Data”), allowing them to receive such data from EU organizations. The Privacy Shield is designed to replace the former US-EU Safe Harbor (the “Safe Harbor”), which was invalidated in a case decided by the Court of Justice of the European Union (the “CJEU”) in October of last year.