summary

In March 2022, the European Union (“EU”) Commission and the United States (“US”) announced that they had agreed, in principle, on a new EU-US Data Privacy Framework (the “Framework”) to facilitate the transatlantic flow of EU personal data to the US. In October 2022, President Biden signed an Executive Order setting out the steps the US committed to undertake in preparation for the Framework. In December 2022, the EU Commission (“EC”) launched the process of adopting an adequacy decision. The draft concludes that the US ensures an adequate level of protection for personal data transferred from the EU to the US.

The Framework acts as an agreement between the EU and US which permits a data exporter to transfer EU personal data to the US, without the need to implement an additional transfer mechanism, such as…

next steps for firms

We can assist you in identifying the appropriate transfer mechanism for your international data transfers and determine whether any transfer mechanisms you already have in place should be updated considering the new EU-US Data Privacy Framework.

For more information and guidance or advice on the EU-US Data Privacy Framework, Cleveland & Co External in-house counsel™, your specialist outsourced legal team, are here to help.