• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy Blog

  • Home
  • Services
  • Events
  • Contacts

Swiss-U.S. Privacy Shield Finalized

January 16, 2017 By Michael Young

On January 11, U.S. and Swiss authorities announced final agreement on the Swiss-U.S. Privacy Shield Framework. The Framework defines standards for handling personal data exported from Switzerland to the U.S. and enables U.S. companies to meet Swiss legal requirements to protect personal data transferred from Switzerland. The Framework is a successor to the former Swiss-U.S. Safe Harbor framework, which was declared invalid by the Swiss data protection commissioner following the invalidation of Safe Harbor by the European Court of Justice.  

U.S. companies may participate in the Framework through an application to the International Trade Association in the U.S. Department of Commerce. Starting April 12, U.S. companies may make an application self-certifying their compliance with Swiss-U.S. Framework Principles. More information will be provided at https://www.privacyshield.gov.  

The Swiss-U.S. Privacy Shield Framework is modelled off of the EU-U.S. Privacy Shield Framework approved by the EU Commission in July last year. The Swiss and EU Privacy Shield Framework principles are largely identical. However, the principles reflect a slight difference in the definition of “sensitive information,” an important concept under both the EU and Swiss Frameworks. Unlike the EU-U.S. Framework, the Swiss Framework expressly includes within its definition of “sensitive information” any “information on social security measures or administrative or criminal proceedings and sanctions, which are treated outside pending proceedings.” This expanded Swiss definition could impact companies who certify their compliance under the Swiss-U.S. Framework. For example, these companies may need to implement further measures to secure opt-in consent if such “sensitive information” is shared with third parties or used for purposes which were not clear at the time of original collection.

The formerly adopted EU-U.S. Privacy Shield Framework extended only to members of the European Economic Area (EEA). U.S. and Swiss officials sought a separate Privacy Shield agreement since Switzerland is not a member of the EEA. As explained previously on this blog, the EU-U.S. Privacy Shield now faces legal challenge before European courts. It is not clear whether the new Swiss-U.S. Privacy Shield framework could eventually face a similar legal challenge.

Filed Under: Data Protection, Data Security, International Tagged With: European privacy, Max Schrems decision, Privacy Shield 2.0

About Michael Young

Michael is counsel on the Privacy & Data Security Team. Michael focuses his practice on data privacy advising and technology transactions.

[Read Bio]

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy & Data Security team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • Federal Court Rules Cyber Forensic Report Is Not Protected Under Attorney-Client Privilege Or Work Product Doctrine
  • Financial Regulatory Agencies Announce Proposed Rule Requiring Notice of Computer Security Incidents
  • Brexit Trade Agreement Provides a Temporary Solution for Companies Transferring Personal Data from the EEA to the UK
  • UK ICO Publishes New Data Sharing Code
  • SolarWinds Hack: Unparalleled Supply Chain Attack Results in Potential Compromise of Private and Public Sector Organizations
Copyright © 2021 · Alston & Bird · All Rights Reserved. Privacy.
This website uses cookies to improve functionality and performance. By continuing to browse this site, you are consenting to the use of cookies on this website. OkCookie policy