Google has signed up for the EU-U.S. Privacy Shield framework by submitting their certification to the U.S. Department of Commerce for approval.
Google Are Trying to Resolve Some Data Security Concerns with the Privacy Shield Initiative
Caroline Atkinson, the Head of Global Public Policy at Google has posted on the official company blog that they have submitted their certification to the U.S. Department of Commerce for approval, the first step into adopting the Privacy Shield framework. The American company has experienced criticism about its data protection mechanisms by European regulators, and this announcement does not come as a surprise.
Privacy Shield is a legislation framework that protects the fundamental rights of everyone within the European Union whose personal data is transferred to the United States of America. It is built on several binding principles:
- Strong obligations on companies handling data
- Clear safeguards and transparency obligations on U.S. government access
- Effective protection of individual rights
- Annual joint review mechanism
The legislation imposes strong obligations on American companies to protect the personal data of the European citizens. For this first time written commitments and assurance regarding access to data by public authorities is strictly enforced.
The arrangement ensures greater transparency over data protection, strong sanctions and tightening conditions for onward transfer. The American companies will be able to report the approximate number of access requests by the public authorities. They are subject to clear limitations, safeguards, and several oversight mechanisms.
Companies are obliged to reply to complaints from individuals within 45 days, provide free of charge alternative dispute resolution and work with the data protection authorities.
Fore more information you can refer to Google’s blog post.