ARCHIVED: This archived Practice Note provides information on the Privacy Shield framework for transfers of personal data to the US and reflects the position before the introduction of the EU-US Data Privacy Framework (DPF) and the UK Extension to the EU-US Data Privacy Framework (also known as the UK-US Data Bridge). It is not maintained and is for background information only.
Article 44 of the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) prohibits the transfer of personal data to a third country outside of the EEA, or an ‘international organisation’ (an international transfer). However, in certain circumstances, an international transfer of personal data may be permitted where the transfer is:
- •
based on an adequacy decision
- •
subject to appropriate safeguards
- •
in accordance with specific exceptions/derogations
Under Article 45 of the EU GDPR, the European Commission, has the power to determine whether a country outside of the EEA offers an adequate level of data protection, based on its domestic legislation or the international commitments it has entered into.
The US is not
Access this content for free with a 7 day trial of LexisNexis and benefit from:
- Instant clarification on points of law
- Smart search
- Workflow tools
- 42 practice areas
Get your quote today and take step closer to being able to benefit from:
- Instant clarification on points of law
- Smart search
- Workflow tools
- 36 practice areas
Get a LexisNexis quote
* denotes a required field
To view the latest version of this document and thousands of others like it,
sign-in with LexisNexis or register for a free trial.
CONTACT US
