The EU–U.S. Privacy Shield program replaces the U.S.–EU Safe Harbor program. The U.S.–Swiss Safe Harbor program continues in place.
The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.
The Privacy Shield program, which is administered by the International Trade Administration (ITA) within the U.S. Department of Commerce, enables U.S.-based organizations to join the Privacy Shield Framework in order to benefit from the adequacy determination. To join the Privacy Shield Framework, a U.S.-based organization will be required to self-certify to the Department of Commerce (via the DOC’s website at https://www.privacyshield.gov/Program-Overview) and publicly commit to comply with the Framework’s requirements. While joining the Privacy Shield Framework is voluntary, once an eligible organization makes the public commitment to comply with the Framework’s requirements, the commitment will become enforceable under U.S. law. All organizations interested in joining the Privacy Shield Framework should review its requirements in their entirety. The full details of the program can be found on the Department of Commerce’s website at https://www.privacyshield.gov.
In order to ensure compliance with the Privacy Shield and Safe Harbor programs, there must be readily available independent recourse mechanisms, so that each individual's complaints and disputes (e.g., complaints and disputes of residents of the EU and Switzerland) can be investigated and expeditiously resolved at no cost to the individual.
To meet this requirement, a company can choose an ADR provider such as the International Centre for Dispute Resolution®, the international division of the American Arbitration Association® (ICDR/AAA) to resolve its disputes.
ICDR/AAA will, for a transitional period, continue to handle complaints under the U.S.-EU Safe Harbor Framework for organizations that designated ICDR/AAA as their independent recourse mechanism as these organizations transition to the EU-U.S. Privacy Shield Framework.
For additional program information on how to designate the ICDR/AAA as your independent recourse mechanism and on the EU-U.S. Privacy Shield program please review the program information document.
For further information, please contact:
Jason Cabrera by email at CabreraJ@adr.org.
Luis M. Martinez by phone at +1.212.716.5833 or by email at MartinezL@adr.org.
Thomas Ventrone by phone at +1.212.484.4115 or by email at VentroneT@adr.org.
Benefits to Using the ICDR/AAA
About the Privacy Shield/
Safe Harbor Program
ICDR Dispute Resolution Procedures (click on the appropriate language)
ICDR®/AAA® EU-U.S. Privacy Shield and U.S.-Swiss Safe Harbor Program
Safe Harbor Program