← Back to Glossary

Privacy Shield

A now-invalidated framework for EU-US data transfers, replaced by the EU-US Data Privacy Framework.

The EU-US Privacy Shield was a framework that allowed US companies to self-certify adherence to data protection principles for the purpose of transferring personal data from the EU to the US. It was adopted in 2016 as a replacement for the Safe Harbor framework. In July 2020, the Court of Justice of the European Union invalidated the Privacy Shield in the Schrems II decision, finding that US surveillance laws did not provide adequate protection for EU residents' data. The EU-US Data Privacy Framework (DPF), adopted in July 2023, is the replacement mechanism. US companies can now certify under the DPF, which incorporates new safeguards addressing the concerns raised in Schrems II.

Related Terms

Cross-Border Data TransferAdequacy DecisionGDPR (General Data Protection Regulation)

Ready to Simplify Your Compliance?

Start automating your privacy compliance today. No credit card required.

Start Free