Yesterday, the U.S. International Trade Administration (“ITA”) and the Swiss Federal Data Protection and Information Commissioner (“FDPIC”) announced the final approval of a Swiss-U.S. Privacy Shield Framework (“Swiss Privacy Shield”), replacing the U.S.-Swiss Safe Harbor Framework (“U.S.-Swiss Safe Harbor”) for the transfer of data from Switzerland to the United States.
PH Privacy is Paul Hastings’ Privacy, Cybersecurity and Data Governance blog. We welcome your feedback. Please contact our blog editor with any thoughts or suggestions.
- Improvements Noted. Also like the EU-U.S. Privacy Shield, the Swiss Federal Counsel noted that the Swiss Privacy Shield provides better protections than the prior U.S.-Swiss Safe Harbor, including intensified cooperation between Commerce and the FDPIC, the establishment of an arbitration body to deal with unresolved claims and the ability of Swiss residents to address inquiries relating to U.S. intelligence agencies’ data processing to an ombudsman in the U.S. State Department. Additionally, the FDPIC will serve as a point of contact for persons in Switzerland in the event of any problems related to U.S. data transfers.
- FTC Support. Today, FTC Chairwoman Edith Ramirez issued a statement of support, praising the Swiss-U.S. Privacy Shield’s ability to “facilitate continued transatlantic commerce” and “strengthen privacy protections for Swiss consumers.”
- Applications Accepted April 12. Commerce will begin accepting applications in three months on April 12, 2017. Although it appears the certification process will be very similar to the EU-U.S. Privacy Shield, the ITA has promised that additional information on next steps will be forthcoming on Commerce’s Privacy Shield website.
- Get Ready to Certify. Whether you have an existing U.S.-Swiss Safe Harbor certification and/or are interested in obtaining the new Swiss-U.S. Privacy Shield certification, you should begin preparations now to certify by the April 12 date to avoid any potential compliance gaps.