34 percent of privacy pros expect their companies to adopt Privacy Shield

Friday 2 September 2016 00:25 CET | News

Only 34% of privacy professionals whose companies transfer data from Europe to the US expect their businesses to adopt the framework for responsible transatlantic data flow.

According to a survey issued by the International Association of Privacy Professionals (IAPP) and underwritten by EY (formerly known as Ernst & Young) Whats more, 50% of these same respondents confirmed that their companies had previously followed the Safe Harbor arrangement that preceded the Privacy Shield – an indication that the international business community may have lost faith in the governing bodies responsible for the data privacy compliance since Safe Harbor was struck down by the Court of Justice of the European Union.

For its study, the IAPP polled a total of 600 privacy professionals, 54% of whom confirmed that their companies engaged in transatlantic data transfer. Those who responded in the affirmative were then asked which mechanisms and policies they used for cross-border data transfers.

Judging by the IAPPs findings, a far more popular legal mechanism for ensuring data privacy standards while transferring data across the Atlantic is the standard contractual clause (SCC). In fact, 81% of respondents whose companies transfer data from the EU to the US confirmed that their companies utilize SCCs. Many companies were forced to adopt these clauses after Safe Harbor was dissolved, in order to have some measure of legal recourse for communicating data.

Case in point: 96% of surveyed companies with 25,000 to 75,000 employees that transfer data from the EU to the US use SCCs, but only 26% plan to certify with Privacy Shield, likely because they already have an alternative solution in place. When the Safe Harbor was still valid, however, 75% of these same companies were certified under that program.

The survey also suggests that binding corporate rules, a third kind of data transfer mechanism, may be too expensive for certain companies seeking viable alternatives to SCCs and the Privacy Shield. Of the surveyed companies that share data between Europe and the US, only 8% of those with 5,000 employees or fewer said they intend to use binding corporate rules.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: online fraud, online security, cyber security, fraud prevention, privacy, Privacy Shield
Categories: Fraud & Financial Crime
Countries: World
This article is part of category

Fraud & Financial Crime