81 Fed. Reg. 58473 (Aug. 25, 2016)

U.S.-EU Safe Harbor Framework Self-Certification Notice

Download PDF

Federal RegisterAug 25, 2016

81 Fed. Reg. 58473 (Aug. 25, 2016)

AGENCY:

International Trade Administration, Department of Commerce.

ACTION:

Notice of discontinuation of the U.S.-EU Safe Harbor Framework.

SUMMARY:

The International Trade Administration (ITA) issues this notice regarding the U.S.-EU Safe Harbor Framework (U.S.-EU Safe Harbor). As of August 1, 2016, the Department of Commerce no longer accepts new submissions of self-certification to the U.S.-EU Safe Harbor. As of October 31, 2016, the Department of Commerce will no longer accept re-certification submissions to the U.S.-EU Safe Harbor.

DATES:

The Department of Commerce stopped accepting new submissions of self-certification to the U.S.-EU Safe Harbor on August 1, 2016. As of October 31, 2016, the Department of Commerce will no longer accept re-certification submissions to the U.S.-EU Safe Harbor.

FOR FURTHER INFORMATION CONTACT:

Shannon Coe, International Trade Administration, 202-482-6013 or Shannon.Coe@trade.gov.

SUPPLEMENTARY INFORMATION:

On October 6, 2015, the European Court of Justice issued a judgment declaring as “invalid” the European Commission's Decision 2000/520/EC of 26 July 2000 “on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the US Department of Commerce.” According to that decision, the U.S.-EU Safe Harbor Framework has not been a valid mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States.

http://curia.europa.eu/juris/document/document.jsf?text=&docid=169195&pageIndex=0&doclang=EN&mode=req&dir=&occ=first&part=1&cid=125031.

On July 12, U.S. Secretary of Commerce Penny Pritzker joined European Union Commissioner Věra Jourová to announce the approval of the EU-U.S. Privacy Shield Framework, replacing the U.S.-EU Safe Harbor. The EU-U.S. Privacy Shield Framework provides companies on both sides of the Atlantic with a mechanism to comply with European Union data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce. The Department of Commerce started accepting certifications to the EU-U.S. Privacy Shield Framework on August 1st.

https://www.commerce.gov/news/secretary-speeches/2016/07/remarks-us-secretary-commerce-penny-pritzker-eu-us-privacy-shield.

http://ec.europa.eu/justice/data-protection/files/annexes_eu-us_privacy_shield_en.pdf.

https://www.commerce.gov/sites/commerce.gov/files/media/files/2016/how_to_join_privacy_shield_sc_cmts.pdf.

http://ec.europa.eu/justice/data-protection/files/annexes_eu-us_privacy_shield_en.pdf.

As of August 1, 2016, the Department of Commerce stopped accepting new submissions for self-certification to the U.S.-EU Safe Harbor Framework; as of October 31, 2016, the Department of Commerce will stop accepting re-certification submissions to the U.S.-EU Safe Harbor Framework. The Department will maintain the U.S.-EU Safe Harbor List; pursuant to the Safe Harbor Frequently Asked Question on Self-Certification, the commitment to adhere to the Safe Harbor Principles is not time-limited, and a participating organization must continue to apply the Safe Harbor Principles to data received under the Safe Harbor.

https://safeharbor.export.gov/list.aspx.

Please note that the Department of Commerce will continue to administer the U.S.-Swiss Safe Harbor Framework.

For more information on the EU-U.S. Privacy Shield Framework, please visit www.privacyshield.gov.

Dated: August 17, 2016.

Praveen Dixit,

Acting Assistant Secretary for Industry and Analysis, International Trade Administration, U.S. Department of Commerce.

[FR Doc. 2016-20421 Filed 8-24-16; 8:45 am]

BILLING CODE P