On July 16, 2020, the Court of Justice of the European Union (CJEU) issued a landmark judgement that Privacy Shield is “invalid” because it does not provide “adequate protection” under Article 45 of the General Data Protection Regulation (GDPR) for transfers of personal data of individuals located in the European Union to the United States. “Privacy Shield and the GDPR: Inadequate Protection for Cross-border Data Transfers”
Enacted on May 25, 2018, the General Data Protection Regulation (GDPR) shook up the privacy world by enacting some of the strongest consumer protection laws ever seen. Any industry that processes the personal data of European Union residents was affected, and the regulation was designed to force organizations to implement the appropriate processes to manage consumer privacy and build consumer trust.
One year later, we reflect on what’s changed – and where we’re headed in 2019.