In case you missed it, Ken Dort at Drinker Biddle held a discussion covering high points of the EU/US Privacy Shield. Talking points covered:
1. Application Overview
2. Certification Issues
3. Privacy Shield Principles and Supplemental Principles
4. Implementation Timelines (Expected)
5. Best Practices Going Forward Pending Implementation
The draft EU-U.S. Privacy Shield “adequacy decision” includes the Privacy Shield Principles companies must follow. Suggested Best Practices for compliance with EU-U.S. Privacy Shield Principles include: evaluating disclosures about data collection and use to determine whether they are sufficiently clear and evident to consumers, and 2) giving strong consideration for implementation of a formal opt-in mechanism. European government trade regulators are concerned about whether consumers are being sufficiently informed about the nature and scale of data collection.
Ken graciously provided this great list of resources for the discussion:
As part of Adler Law Group’s Privacy & Information Security Practice, we continue to follow the developments in this area. We can help you review, enhance and adopt standardized contracts and implement methodologies for approaching these challenges by setting objectives, determining scope, allocating resources, and developing agreements that will efficiently and effective manage risks.