The EU-US Data Privacy Framework: A New Option for Your Cross-Border Data Transfers
BRG is home to renowned thought leaders and experts considered authorities in their fields of work. Our timely research and perspectives provide analysis and insights on the most important issues facing the industries and organizations we serve.
If you’re tired of using standard contractual clauses (SCCs) to legitimize your European personal data transfers to the US—and we bet you are—the European government has approved a practical alternative.
On July 10, 2023, the European Commission adopted an adequacy decision for the new EU-US Data Privacy Framework (DPF), aiming to bolster the uninterrupted flow of more than $7 trillion in annual transatlantic trade and investments. The DPF is the United States’ third framework to ensure adequate protections for Europeans’ personal data transferred to the US, concluding nearly a quarter-century of negotiations, agreements, and legal challenges. Companies relying on the DPF voluntarily submit to regulatory oversight of their compliance with the DPF Principles, which provide privacy protections equivalent to the EU General Data Protection Regulation.
Amy Lewis, Matt Meinel, and Michael Snodgrass discuss how BRG’s experienced team of privacy professionals can assist with evaluating whether your company should certify to the DPF. If your company decides to certify, the BRG team also can assist in assessing and developing a risk-based, principles-driven privacy program that will simplify the annual certification process.
Related Professionals
Prepare for what's next.
ThinkSet magazine, a BRG publication, provides nuanced, multifaceted thinking and expert guidance that help today’s business leaders adopt a more strategic, long-term mindset to prepare for what’s next.