The EU–U.S. Privacy Shield program replaces the U.S.–EU Safe Harbor program. The U.S.–Swiss Safe Harbor program continues in place.

The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.

The Privacy Shield program, which is administered by the International Trade Administration (ITA) within the U.S. Department of Commerce, enables U.S.-based organizations to join the Privacy Shield Framework in order to benefit from the adequacy determination.  To join the Privacy Shield Framework, a U.S.-based organization will be required to self-certify to the Department of Commerce (via the DOC’s website at and publicly commit to comply with the Framework’s requirements. While joining the Privacy Shield Framework is voluntary, once an eligible organization makes the public commitment to comply with the Framework’s requirements, the commitment will become enforceable under U.S. law. All organizations interested in joining the Privacy Shield Framework should review its requirements in their entirety. The full details of the program can be found on the Department of Commerce’s website at

In order to ensure compliance with the Privacy Shield and Safe Harbor programs, there must be readily available independent recourse mechanisms, so that each individual's complaints and disputes (e.g., complaints and disputes of residents of the EU and Switzerland) can be investigated and expeditiously resolved at no cost to the individual.

To meet this requirement, a company can choose an ADR provider such as the International Centre for Dispute Resolution®, the international division of the American Arbitration Association® (ICDR/AAA) to resolve its disputes.

ICDR/AAA will, for a transitional period, continue to handle complaints under the U.S.-EU Safe Harbor Framework for organizations that designated ICDR/AAA as their independent recourse mechanism as these organizations transition to the EU-U.S. Privacy Shield Framework.

For additional program information on how to designate the ICDR/AAA as your independent recourse mechanism and on the EU-U.S. Privacy Shield program please review the program information document.


For further information, please contact:

Alyssa Montano by email at
Luis M. Martinez by phone at +1.212.716.5833 or by email at
Thomas Ventrone by phone at +1.212.484.4115 or by email at

Benefits to Using the ICDR/AAA

  • The ICDR/AAA is the largest international ADR provider.
  • ICDR/AAA arbitrators and mediators are drawn from a pool of professionals with privacy expertise and language capabilities from many different countries.
  • Disputes will be determined pursuant to the ICDR International Arbitration Rules, based on documents only and as modified by the Privacy Shield and Safe Harbor procedures and fee schedule for this program.
  • In-person hearings will not be provided for these cases unless they are requested and agreed to by the parties.
  • Arbitrations will be conducted on an expedited basis.

ICDR Dispute Resolution Procedures (click on the appropriate language)







ICDR®/AAA® EU-U.S. Privacy Shield and U.S.-Swiss Safe Harbor Program

Click here for a list of companies of EU-U.S. Privacy Shield and/or U.S.–Swiss Safe Harbor Companies

Safe Harbor Program