Der Privacy Shield zwischen der EU und den USA hat den ersten Test bestanden. Etwas mehr als ein Jahr nach seinem Inkrafttreten wurde Privacy Shield einer Prüfung durch die Europäische Kommission unterzogen. Die Kommission fasst das Ergebnis der Prüfung in ihrem Report vom 18. Oktober (PDF) wie folgt zusammen:
The annual review has demonstrated that the U.S. authorities have put in place the necessary structures and procedures to ensure the correct functioning of the Privacy Shield. The certification process has been handled in an overall satisfactory manner and more than 2400 companies have been certified so far. The U.S. authorities have put in place the complainthandling and enforcement mechanisms and procedures to safeguard individual rights. This includes also the new additional redress avenues for EU individuals such as the arbitration panel and the Ombudsperson mechanism. Regarding the latter, an Acting Ombudsperson was designated following the change of Administration in January 2017, whereas the nomination of a permanent Ombudsperson is pending. Cooperation with European data protection authorities has been stepped up. As regards access to personal data by public authorities for national security purposes, relevant safeguards on the U.S. side remain in place, notably those based on Presidential Policy Directive 28 issued in 2014 which sets out limitations and safeguards on use by national security authorities of personal data, regardless of nationality of the individual. In this context, it should also be noted that section 702 of the U.S. Foreign Intelligence Surveillance Act (FISA) is set to expire on 31 December 2017 and that reform proposals are under discussion in the U.S. Congress.
Details sind dem Commission Staff Working Document SWD(2017) 344 final zu entnehmen. Dieses und weitere Dokumente sind hier abrufbar.