The European American Chamber of commerce (EACC) organized a webinar to inform its business community of the impact of the Privacy shield being struck down.
Were present : Max Schrems : Privacy Activist & Founder of NOYB, Angelo Stio: Partner, Troutman Pepper, John Whelan: Partner, A&L GOODBODY and Tom Zych: Partner, Thompson HINE
The webinar was animated by Tood Schwartz, Executive director of the EACC in Ohio “Where Europeans and American connects to do Business”.
Early in the talk questions where asked from cross-Atlantic businesses about what they should do amid the breakdown of the Privacy Shield. The latter used to make data transfers between EU and US easy and legal. That was before Max Schrems filled the Schrems II case, that followed the Schrems I case which was aimed at the Safe Harbour, the previous privacy shield so to speak.
Why taking down the privacy shield ?
The main basis for taking down the privacy shield is the following: Data from European subjects hosted by American companies are, in most cases, falling under GDPR (EU) and 702(US). According to the former they cannot be given away for the sake of privacy and to the latter they shall be given away to surveillance entities for the sake of national security. There needs to be one law changing its scope, otherwise it gets impossible, according to Max Schrems, to fulfill your obligations as a business.
Luckily, not all US companies fall under the surveillance law. Make sure your business partners do NOT fall under surveillance laws. If they do, you need to assess your situation and take the right decisions for your IT and your finances. The cost of compliance can sometimes be higher than transferring the data from the US to the EU.
Toward of new data legislation
Overall, we are witness to data protection laws becoming important and enforced. Business do not want to be caught off guard by this trend and shall start at once to integrate the relative obligations into their digital strategy. The world of tomorrow is a world where the digital technologies will be everywhere, stating the obvious here, but the legal framework that will accompany it will require businesses to get access to a new expertise.
Today we need accountants and lawyers to cope with the financials laws, tomorrow we will reach out to equivalent professions for data privacy!
More information on the GDPR.
