March 1, 2017
In an article published in the March 2017 issue of ALM’s Cybersecurity Law & Strategy Journal, Atlanta partner David Katz provides insight into what companies need to know about privacy shield certifications if they operate in the U.S. or European Union. Mr. Katz explains that if your company maintains operations in the European Union or is U.S. based but obtaining personal data from European citizens, you will need to strongly consider obtaining certification under the new Privacy Shield framework. If you collect, use or process information that contains data about identifiable individuals in the EU, you likely are governed by the EU Data Protection Directive when you transfer that information to the U.S., he says. The basic principle asserted by the EU is that its citizens own their personal data as a natural right, and the government will enforce that right everywhere. There are small fees attached to the certification process, but the real cost will be in setting up the internal processes for compliance and the Privacy Shield, even with its costs, offers the least invasive means of compliance for most companies, Mr. Katz says.
These materials have been prepared for informational purposes only and are not legal advice. This information is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Internet subscribers and online readers should not act upon this information without seeking professional counsel.