Not a Member? Get access to HR news and resources that you can trust.
Here is how HR can help prevent the missteps that could cost your company big in court.
Is your employee handbook ready for the changing world of work? With SHRM’s Employee Handbook Builder get peace of mind that your handbook is up-to-date.
Get the HR education you need without travel expenses or time out of the office.
Expand your influence and learn how to become an effective leader -- Join us in Phoenix, AZ, October 2-4, 2017.
On June 12, the European Commission adopted the EU-U.S. Privacy Shield, ending a type of limbo for U.S. companies that had been relying on alternatives for the transfer of personal data ever since the Safe Harbor agreement between the U.S. and the European Commission was nullified last October.
The shield replaces the Safe Harbor agreement, which was nullified by the Court of Justice of the European Union in
Schrems v. Data Protection Commissioner.
Self-certification of compliance with the shield by U.S. organizations begins Aug. 1, 2016.
SHRM Online reported on
Schrems earlier this year, "Maximillian Schrems, an Austrian national, filed a complaint with the Irish Data Protection Commissioner (Irish DPC) asking it to prohibit Facebook Ireland Ltd. from transferring his personal data to Facebook Inc. in the United States."
Based in part on revelations made by whistle-blower Edward Snowden concerning surveillance activities by U.S. intelligence, Schrems believed U.S. laws didn't guarantee "adequate protection" of his personal data. However, the Irish DPC rebuffed Schrems' complaint, saying there was no evidence that his personal data had been accessed. The Irish DPC also found that the Safe Harbor agreement provided adequate protection for any personal data transferred to the U.S.
Schrems challenged the ruling before the European Court of Justice, which found in his favor.
"The European high court struck down the Safe Harbor agreement, in part, because the U.S. government retains the right to access data in the U.S. for national security and law enforcement purposes and does not permit EU citizens to make complaints regarding the misuse of their personal data. The decision authorizes each [member country's] Data Protection Commissioner to consider individual claims asserting that the transfer of personal data from the EU to other countries violates EU privacy laws,"
SHRM Online reported.
According to U.S. Secretary of Commerce Penny Pritzker, U.S. companies will be given until Aug. 1 to review the Privacy Shield to enable a "smooth transition."
In an interview with
SHRM Online July 15, privacy attorney Philip Gordon, a shareholder in Littler Mendelson's Denver office and co-chair of the firm's privacy and background checks practice group, said that "more than 4,000 U.S. companies relied on Safe Harbor for cross-border data transfers." But after nullification of the law, "U.S. companies had to make a decision whether to use a different data mechanism or fly under the radar." He said the alternatives companies used to transfer HR data included standard contractual clauses and binding corporate rules.
Companies will now need to decide "whether they will continue to rely on the measures they put in place in response to the invalidation of Safe Harbor or switch to the Privacy Shield," Gordon noted.
An analysis of the shield provided to
SHRM Online from Morrison & Foerster, an international law firm with 17 offices in the United States, Asia and Europe, states that "at first glance, the shield bears a strong resemblance to Safe Harbor, which misled some commentators to denounce it as a mere duplicate in disguise. However, the shield introduces substantial changes for data protection, including additional rights for EU individuals, stricter compliance requirements for U.S. organizations, and further limitations on government access to personal data."
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Your session has expired. Please log in again before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
Don’t Lose Sight! What Does Poor Preventive Care Cost Your Business?
HR Education in a City Near You
SHRM’s HR Vendor Directory contains over 3,200 companies