The report US- EU Privacy Shield Analysis: Winners and Losers was published April 6, 2016. Report authors: Robert Gellman and Pam Dixon You are at the report main page, where you can download the full report in PDF format. Report Links: Download full report (PDF, 9 pages) Read “report in brief” front matter below. — The Analysis in
The US and the European Commission have released details about the proposed Privacy Shield program, formerly known as the “EU-US Safe Harbor Framework.” A key takeaway on US side is that the program will still rely on self-certification, although with improved verification and monitoring mechanisms. For its part, the US Department of Commerce has released a 132-page package containing the program principles, letters from the
Social networking and EU — The Article 29 Working Party has adopted an important Opinion regarding social networking sites as of June 12. The opinion covers privacy, advertising, sensitive information, and other issues relating to online social networking. Regarding sensitive data, the Article 29 Working Party stated: “Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership or data concerning health or sex life is considered sensitive. Sensitive personal data may only be published on the Internet with the explicit consent from the data subject or if the data subject has made the data manifestly public himself.” Regarding use of sensitive data to target advertising, the Article 29 opinion stated: “The Working Party recommends not using sensitive data in behavioral advertising models, unless all legal requirements are met.” The opinion also stated that the EU Data Protection Directive generally applies to the processing of personal data by social networking services, even when their headquarters are outside of the EEA, and that social networking service providers are considered data controllers under the Data Protection Directive.