U.S. Fulfills Its Commitments to Implement the EU-U.S. Data Privacy Framework

On July 3, 2023, U.S. Secretary of Commerce Gina Raimondo announced that the U.S. fulfilled its commitments that were prerequisites to the implementation of the EU-U.S. Data Privacy Framework (Framework). These steps are expected to allow the EU to move forward with the adoption of an adequacy decision for the Framework. The steps taken by the U.S. were two-fold. First, on June 30, 2023, U.S. Attorney General Merrick Garland designated the European Union (EU) and three additional countries that make up the European Economic Area (EEA) as ‘qualifying states’ for purposes of implementing the redress mechanism established under President Biden’s Executive Order on Enhancing Safeguards for U.S. Signals Intelligence Activities (Executive Order). This designation will take effect on the date the European Commission adopts the adequacy decision. Then, on July 3, 2023, the Office of the Director of National Intelligence (ODNI) confirmed that the U.S. Intelligence Community had adopted policies and procedures pursuant to the Executive Order. These policies took effect on June 30, 2023.

This announcement brings U.S. and EU businesses one step closer to having an additional legal mechanism, other than Standard Contractual Clauses or Binding Corporate Rules, for transfers of personal information from the EU to the U.S.; an option that has not existed since the Privacy Shield was invalidated by the Court of Justice for the EU in 2020.

In the coming weeks, the European Commission is expected to adopt the adequacy decision for the Framework. Once the adequacy decision is finalized, the U.S. Department of Commerce will (i) provide information on how U.S. businesses that currently are not covered under the Privacy Shield can self-certify to the new Framework, and (ii) provide guidance to those companies that continued to adhere to the Privacy Shield Principles during the past three years.

***

Wiley’s Privacy, Cyber & Data Governance Team has helped companies of all sizes from various sectors proactively address risks and comply with new privacy laws and requirements. Please contact Joan Stewart (jstewart@wiley.law) or Tyler Bridegan (tbridegan@wiley.law) with any questions.

Wiley Connect

Sign up for updates

Wiley Rein LLP Cookie Preference Center

Your Privacy

When you visit our website, we use cookies on your browser to collect information. The information collected might relate to you, your preferences, or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. For more information about how we use Cookies, please see our Privacy Policy.

Strictly Necessary Cookies

Always Active

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Functional Cookies

Always Active

Some functions of the site require remembering user choices, for example your cookie preference, or keyword search highlighting. These do not store any personal information.

Form Submissions

Always Active

When submitting your data, for example on a contact form or event registration, a cookie might be used to monitor the state of your submission across pages.

Performance Cookies

Performance cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.

Powered by Firmseek