In order to join the Privacy Shield Framework, a U.S. organization must “self- certify” to the U.S. Department of Commerce (“DOC”) and publicly commit to comply with the Framework’s requirements.
The DOC began accepting applications for self-certification on August 1, 2016. Once an organization’s application has been approved, it will be placed on a published “Privacy Shield List.” The legal protections of the Privacy Shield (i.e, the EC’s “Adequacy Determination)” take effect on the date on which the organization is placed on this list.
While joining the Framework is voluntary, once an eligible organization makes the public commitment to comply with the Framework’s requirements (i.e, once it undertakes the self-certification process), the commitment will become enforceable under U.S. law.
To find out more, please: