Der Pri­va­cy Shield zwi­schen der EU und den USA hat den ersten Test bestan­den. Etwas mehr als ein Jahr nach sei­nem Inkraft­tre­ten wur­de Pri­va­cy Shield einer Prü­fung durch die Euro­päi­sche Kom­mis­si­on unter­zo­gen. Die Kom­mis­si­on fasst das Ergeb­nis der Prü­fung in ihrem Report vom 18. Okto­ber (PDF) wie folgt zusam­men:

The annu­al review has demon­stra­ted that the U.S. aut­ho­ri­ties have put in place the necessa­ry struc­tures and pro­ce­du­res to ensu­re the cor­rect func­tio­n­ing of the Pri­va­cy Shield. The cer­ti­fi­ca­ti­on pro­cess has been hand­led in an over­all satis­fac­to­ry man­ner and more than 2400 com­pa­nies have been cer­ti­fied so far. The U.S. aut­ho­ri­ties have put in place the com­p­laint­hand­ling and enforce­ment mecha­nisms and pro­ce­du­res to safe­guard indi­vi­du­al rights. This inclu­des also the new addi­tio­nal redress ave­nues for EU indi­vi­du­als such as the arbi­tra­ti­on panel and the Ombuds­per­son mecha­nism. Regar­ding the lat­ter, an Acting Ombuds­per­son was desi­gna­ted fol­lo­wing the chan­ge of Admi­ni­stra­ti­on in Janu­a­ry 2017, whe­re­as the nomi­na­ti­on of a per­ma­nent Ombuds­per­son is pen­ding. Coope­ra­ti­on with European data pro­tec­tion aut­ho­ri­ties has been step­ped up. As regards access to per­so­nal data by public aut­ho­ri­ties for natio­nal secu­ri­ty pur­po­ses, rele­vant safe­guards on the U.S. side remain in place, nota­b­ly tho­se based on Pre­si­den­ti­al Poli­cy Direc­tive 28 issued in 2014 which sets out limi­ta­ti­ons and safe­guards on use by natio­nal secu­ri­ty aut­ho­ri­ties of per­so­nal data, regard­less of natio­na­li­ty of the indi­vi­du­al. In this con­text, it should also be noted that sec­tion 702 of the U.S. For­eign Intel­li­gence Sur­veil­lan­ce Act (FISA) is set to expi­re on 31 Decem­ber 2017 and that reform pro­po­sals are under dis­cus­sion in the U.S. Con­gress.

Details sind dem Com­mis­si­on Staff Working Docu­ment SWD(2017) 344 final zu ent­neh­men. Die­ses und wei­te­re Doku­men­te sind hier abruf­bar.

Posted by David Vasella

RA Dr. David Vasella ist Rechtsanwalt bei FRORIEP. Er ist auf IT-, Datenschutz- und Immaterialgüterrecht spezialisiert und ist Lehrbeauftragter der Universität Zürich. Er ist Gründer von swissblawg.