Preiskel & CoPreiskel & Co
Preiskel & Co
  • Home
  • About Us
    • Diversity, Social Responsibility, and Pro Bono
  • Services
    • Corporate
    • Commercial
    • Regulatory
    • Competition & Antitrust
    • Data Protection, Privacy, and Retention
    • Intellectual Property
    • Dispute Resolution
    • Employment
  • Sectors
    • Telecommunications
    • IT, Technology, & Internet
    • Media and Broadcasting
    • Websites, Blogging, & Social Media
    • Film & Television
    • Gambling & Online Gaming
    • Leisure & Retail
    • Energy & Minerals
    • Cryptocurrency & Blockchain
    • Creative Industries
  • People
    • Daniel Preiskel
    • Ronnie Preiskel
    • Tim Cowen
    • Jose Saras
    • Robert Dougans
    • Tina Cowen
    • D A T Green
    • Karthyaeni Vittala
    • Richard Stewart
    • Mor Swiel
    • Ilanit Appelfeld
    • Stephen Dnes
    • Daniel Oakland
    • Robert Harvey
    • Martina Raciti
    • Joanna Coombs-Huang
    • Xavier Prida
    • Mark Clough
    • Stewart White
    • Alison MacFarlane
    • Hannah Leader
    • Peter Dally
    • Antony Corel
    • Sue Warwick
    • Shardi Shameli
    • Stephen Hornsby
    • Ewelina Korgol
    • Maria Constantin
    • Sophia Yakhno
  • International
  • Blog
  • News
    • Publications
  • Contact
Menu back  

EU-US Privacy Shield invalidated by ECJ

August 3, 2020By Preiskel & Co

The European Court of Justice (“ECJ”) has ruled that the EU-US Privacy Shield is unlawful and invalid.

The Privacy Shield was an agreement between the EU and the US, which governed data transfers between the two territories. In a 2016 decision, the European Commission had found that the protection provided by the Privacy Shield was adequate.

The ECJ invalidated the European Commission’s 2016 decision, finding that the Privacy Shield failed to adequately protect EU citizens’ privacy, with the risk that citizens’ rights under the General Data Protection Regulation (“GDPR”) would be violated. Specifically, the court found, that the protections offered in the Privacy Shield agreement were not “essentially equivalent to those required under EU law”.

The decision follows a 2015 ruling which invalidated a similar data transfer agreement between the EU and the US known as Safe Harbour.

The decision is likely to affect many companies who rely on data transfers between the two territories. Some industry players have voiced concerns about the future of data transfers between the two territories. A number of industry groups, led by the Software Alliance, have reacted by calling for a new, reliable framework for transatlantic data transfers.

However, the ECJ also found that the Standard Contractual Clauses, another mechanism for cross-border data transfers with the US, were lawful in principle, although a case-by-case analysis of the risks inherent in third country data transfers would have to be considered. Companies affected by the decision may therefore be able to switch to relying on this basis for such transfers.

Moreover, article 49 of the GDPR does provide for “necessary” transfers (e.g. transfers which are vital for: the conclusion or performance of a contract, the establishment, exercise or defence of legal claims, protecting the vital interests of the data subject, or for important reasons of public interest) to continue in the absence of an adequacy decision or appropriate safeguards. It will be interesting to see how many companies will seek to rely on this.

In a press statement, the US Secretary of State, Michael Pompeo, has expressed disappointment at the decision and indicated it is “reviewing this outcome and the consequences and implications for more than 5,300 European and U.S. companies, representing millions of transatlantic jobs and over $7.1 trillion in commercial transactions.”

The ECJ’s decision can be found here.

Please contact Jose Saras if you have been affected by the ECJ’s decision, or if you have any questions related to data transfers and data protection regulations.

 

 

Latest Preiskel & Co blog posts
  • Claim against NHS Trust for breach of DPA 1998 and misuse of private information dismissed
    April 28, 2022
  • TikTok Class action for the Misuse of Child Personal Data
    April 28, 2022
  • ICO consultation on draft guidance for the research provisions within the UK GDPR and the DPA 2018
    April 20, 2022
  • European Strategy for Artificial Intelligence – a framework to regulate AI and its potential impact on the UK
    April 19, 2022
  • Meta hit by 17 million euro fine by Irish regulator
    April 19, 2022
  • Ofcom has mandated that telecoms providers ensure British Sign Language (BSL) for 999
    March 18, 2022
  • Ofcom publishes statement on the future of telephone numbers
    March 15, 2022
  • German court sends biometric data questions to the ECJ
    February 23, 2022
  • Meta fined £1.5m by CMA
    February 7, 2022
  • International data transfer agreement and addendum laid before Parliament
    February 4, 2022
  • CMA publishes statement of scope in music and streaming market study
    February 1, 2022
  • Google Privacy Sandbox faces European Commission complaint from German publishers
    January 24, 2022

The Preiskel Blog

  • Claim against NHS Trust for breach of DPA 1998 and misuse of private information dismissed 28 Apr 2022
  • TikTok Class action for the Misuse of Child Personal Data 28 Apr 2022
  • ICO consultation on draft guidance for the research provisions within the UK GDPR and the DPA 2018 20 Apr 2022
  • European Strategy for Artificial Intelligence – a framework to regulate AI and its potential impact on the UK 19 Apr 2022

Preiskel news

  • Daniel Preiskel and Xavier Prida lecturing to Academia Mexicana del Derecho Informático and Abogado Digital
  • Preiskel & Co advises Mexico-based premium content production company Dopamine
  • Danny Preiskel was ranked as a Global Elite Thought Leader in Telecoms & Media by WhosWhoLegal Data 2022
  • Danny Preiskel featured in GCCM (Global Carrier Community Magazine)
Preiskel tweets
  • @jwrosewell @m4aow @w3c @IABTechLab Our pleasure!60 days ago
  • RT @jwrosewell: Great work from @Preiskel and the whole @m4aow team. Thank you. Much for @w3c, @IABTechLab, and others to consider in this…60 days ago
  • RT @TC_4KBW: Google’s battle with publishers shows that at every turn it seeks to block others from competing. it blocked header bidding, b…60 days ago
Preiskel & Co LLP
4 King's Bench Walk,
Temple,
London
EC4Y 7DL
United Kingdom

Tel: +44 20 7332 5640
Email: info@preiskel.com

Find us on:

TwitterLinkedinMail
© Preiskel & Co LLP 2022 | Site map | Legal notices | Privacy | Cookie Policy | Privacy | Fraud Notice