Today, U.S. Secretary of Commerce Wilbur Ross and EU Commissioner for Justice, Consumers, and Gender Equality Věra Jourová made the following statement regarding the third annual joint review of the EU-U.S. Privacy Shield Framework:
“Senior officials from the United States Government, the European Commission, and EU data protection authorities gathered in Washington, DC on September 12 and 13 to conduct the third annual joint review of the EU-U.S. Privacy Shield Framework. The broad and senior level participation from both sides underscored the shared and longstanding commitment of the United States and the European Union to the Framework.
"The U.S. Department of Commerce hosted the two-day review, which covered all aspects of the functioning of the Privacy Shield Framework from its administration and enforcement to broader U.S. legal developments regarding matters related to commercial data protection and national security data access. The review benefited from input from Privacy Shield participants and civil society stakeholders.
"Privacy Shield ensures that participating companies and relevant government authorities provide a high level of protection for the personal data of EU individuals. Since the Framework’s implementation on August 1, 2016, more than 5,000 companies have made public and legally enforceable pledges to protect data transferred from the EU in accordance with the Privacy Shield Principles. The rapid and continued growth of the program demonstrates Privacy Shield’s vital role in protecting personal data and contributing to the $7.1 trillion economic relationship between the United States and Europe.
"The EU and U.S. welcomed the appointment of several key U.S. officials with Privacy Shield responsibilities. The United States Senate confirmed two additional members to the independent, bipartisan U.S. Privacy and Civil Liberties Oversight Board , as well as Keith Krach, who in his Under Secretary role at the U.S. Department of State serves as the Privacy Shield Ombudsperson.
"EU and U.S. officials both stressed the need for strong and credible enforcement of privacy rules to protect our citizens and ensure trust in the digital economy. As provided for in the Framework, the Department of Commerce will revoke the certification of companies that do not comply with Privacy Shield's vigorous data protection requirements.
"The European Commission will publish a report on the functioning of the Privacy Shield. This report will conclude this year’s review process.”