Enforcement is increasing under the EU US Privacy Shield Framework for cross border transfer of personal data. A report published by European regulator, the European Data Protection Board (EDPB), lists enforcement initiatives by the Department of Commerce (DoC) and the FTC.
-
On a quarterly basis the DoC conducts “false claims reviews” to identify organizations that have started but not finished an initial or re-certification or that did not submit their annual recertification.
-
The DoC performs random web searches for false claims of participation in the program
-
The DoC performed a sweep of 100 randomly chosen organizations.
-
The DoC designated a person to follow the media and to do keyword searches to identify possible breaches of the Privacy Shield commitment.
-
The DoC performs regular checks for broken links to the privacy policy on the Privacy Shield list.
-
This year the FTC brought 5 new Privacy Shield cases.
-
The FTC investigates Privacy Shield-related referrals (approximately 100).
-
The FTC started to send Civil Investigation Demands (CIDs) proactively to monitor compliance with the Privacy Shield principles.
Details in the Second Annual Joint Review.
[View source.]