Two days after the expiration of a deadline set by Europe’s data protection authorities, and after months of negotiations, the European Commission and U.S. Department of Commerce reached an understanding that intends to allow transatlantic transfer of digital data by thousands of companies to continue, including the data flowing in cross-border anti-corruption investigations. The so-called “Privacy Shield” agreement “makes existing cooperation between the FTC and E.U. DPAs [data protection authorities] more robust, with better enforcement mechanisms and means of redress for E.U. citizens whose privacy rights may have been infringed by E.U.-U.S. cross-border transfers,” Davina Garrod, a London-based Akin Gump partner, said. However, she added that “the shield is by no means a panacea, and does not fix all of the problems identified by the [E.U. Court of Justice] in the Schrems
judgment” that invalidated the previous Safe Harbor data transfer pact. We discuss the agreement, important steps that remain before the Privacy Shield can be finalized, and the immediate impact on cross-border investigations and other data exchanges with the E.U. See “Conflicting Compliance Obligations: How to Navigate Data Privacy Laws While Performing Internal Investigations and Promoting FCPA Compliance in the E.U. (Part One of Three)
” (Jan. 9, 2013); Part Two
(Jan. 23, 2013); Part Three
(Feb. 6, 2013).