The Finalization of the EU-US Data Privacy Framework
On July 10, 2023, the European Commission published its final Adequacy Decision for EU-US. data transfers. The draft decision reflects the multi-year coordination between the EU and the US to identify and implement a lasting solution to facilitate international data transfers following the Court of Justice of the European Union’s judgment in Schrems II.
As part of this process, the US has completed its obligations under the Executive Order 14086 on Enhancing Safeguards for United States Signals Intelligence Activities. Recent activities to complete the US. obligations include the US Attorney General declaring the EU, Iceland, Liechtenstein, and Norway to be “qualifying states,” which is required for the redress mechanism to be available to individuals from those jurisdictions, and the office of the Director of National Intelligence confirming that the US Intelligence Community has adopted its policies and procedures as required under the Executive Order.
The EU’s adequacy decision determines that the US, through the newly created EU-US Data Privacy Framework, provides comparable safeguards to those of the EU and ensures an adequate level of protection for personal data transferred from the EU to certified organizations in the US.
Watch the recording, where OneTrust DataGuidance, Sidley, and a panel of expert representatives from the European Commission and Department of Justice discuss the finalized EU-US DPF.
Key takeaways include:
- Discussion of significant points and implications of the European Commission Adequacy Decision for the Data Privacy Framework
- What organizations should know about the Framework’s Principles
- Consideration of factors and logistics for signing up for the Framework, including interplay with current Privacy Shield membership
- Other internal data transfer developments, including adequacy decision for the UK-US Data Bridge and
- Next steps in the EU and UK processes, and predictions for the future
Speakers for this session include:
- Bruno Gencarelli, Deputy to the Director – Fundamental Rights and Rule of Law, Head of Unit – International Data Flows and Protection at the European Commission
- Dylan Cors, International Director, National Security Division at U.S. Department of Justice
- Neema Singh Guliani, Deputy Assistant Secretary for Services, U.S. Department of Commerce
- Alan Raul, Partner, Privacy and Cybersecurity, Sidley (Washington D.C. and New York)
- William Long, Partner, Privacy and Cybersecurity, Sidley (London)
- Maarten Meulenbelt, Partner, Antitrust/Competition, Sidley (Brussels)
- Lauren Kitces, Senior Managing Associate, Sidley (Washington D.C.)
Help us to continue providing free events and content by sharing your details with our event partners for the purpose of communicating relevant goods, services and events. By submitting this form, you will opt-in for OneTrust to share your information with our event co-sponsors. You have the right to opt-out of sharing your details with sponsors at any time by submitting a request. By clicking register on this form you confirm that you have read, understood and accepted the OneTrust Event Registration Terms.