EU-U.S. Privacy Shield – The agreement on the protection of personal data has been declared null and void again due to surveillance fears.
The EU-U.S. Privacy Shield was drafted by the U.S. Department of Commerce and found by the European Commission in 2016 to be adequate for the level of data protection in the EU. It was designed to provide companies on the other side of the Atlantic with a structure to meet the protection of personal data – for the second time. After all, companies could refer to the Safe Harbor Agreement until 2015.
The European Court of Justice has concluded that the mechanism does not provide adequate protection for European citizens. This decision would immediately stop and in many cases eliminate data transfers between the EU and the United States.
The reason for the EU-US Privacy Shield
The reason for stopping the Privacy Shield is since US security authorities have excessive powers to access the data. On one hand, access is not limited to the “absolutely necessary extent”. On the other hand, data subjects in third countries are entitled to an effective remedy against interference with fundamental rights. This enables data subjects to protect their data from state access. This cannot be guaranteed in this case.
In identity management, ensuring GDPR conformity is extremely important. This concerns the digital identities of users.
As German Cloud Identity and Access Management, the personal data of your users remain here in Germany.
cidaas is a modern, European Cloud Identity and Access Management. Find out in our News the EU Data Protection Basic Regulation, which functions of cidaas ensure security and GDPR conformity or learn more about all that is involved in consent management.