This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Asset 3
  • About
  • People
  • Capabilities
  • Insights
  • Careers
  • Public Interest
  • Inclusion
  • Contact us
    Contact us
  • Locations
    Locations
  • Search
    Search
  • About
    • About
    • Message From the CEO
    • Firm History
    • Alumni
    • Alumni
    • In Memoriam
  • People
  • Capabilities
    • Practices
    • Industries
    • Global Reach: The Law Firm Network
    • Bankruptcy & Restructuring
    • Brand & Reputation Management
    • Intellectual Property
    • Litigation & Dispute Resolution
    • Special Situations, Distressed Debt and Debt Trading
    • Transactions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Energy & Environmental
    • Entertainment & Media
    • Investment Management 
    • Life Sciences
    • Technology
    • Real Estate
    • Bankruptcy & Restructuring
    • Bankruptcy Litigation
    • Mass Torts Bankruptcy
    • Intellectual Property
    • Intellectual Property Litigation
    • Patents
    • Trademark, Copyright & Advertising
    • Patent Trial and Appeals Board (PTAB)
    • Litigation & Dispute Resolution
    • Civil Fraud Litigation
    • Employment Practices and Litigation
    • Government Contracts Litigation
    • Intellectual Property Litigation
    • Insurance Recovery
    • Litigation Funding
    • M&A and Private Equity Litigation
    • Real Estate Litigation
    • Patent Trial and Appeals Board (PTAB)
    • UK Tax Controversy & Litigation
    • Special Situations, Distressed Debt and Debt Trading
    • Distressed Debt & Claims Trading
    • Litigation Funding
    • Finance
    • Real Estate Special Situations
    • Transactions
    • Capital Markets
    • Cross-Border Transactions
    • Emerging Growth Companies & Venture Capital
    • Employment
    • Finance
    • Franchising
    • Mergers & Acquisitions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Economic Sanctions & Export Controls
    • Energy & Environmental
    • Energy
    • Energy Transition
    • Environmental
    • Entertainment & Media
    • Brand & Reputation Management
    • Intellectual Property
    • Sports
    • Investment Management
    • Fund Formation
    • Private Equity Transactions
    • Distressed Debt
    • Emerging Growth Companies & Venture Capital
    • Family-Owned & Closely Held Businesses
    • Private Equity Litigation
    • Life Sciences
    • BR BioAdvisory Services
    • Technology
    • Artificial Intelligence
    • Cybersecurity & Data Privacy
    • Digital Commerce
    • Fintech
    • Real Estate
    • Hospitality & Leisure
    • Distressed Real Estate
    • Real Estate Special Situations
    • Real Estate Litigation
    • Wireless Network Infrastructure
  • Insights
    • Client News
    • Firm News
    • Briefings
    • Events
  • Careers
    • Experienced Lawyers
    • U.S. Law Students
    • London Trainee Program
    • Business Professionals
    • Professional Development
  • Public Interest
    • Brown Rudnick Charitable Foundation
    • Pro Bono & Community Service
  • Inclusion
    • Inclusion
    • Women in Business Series
  • Contact Us
  • Location
  • Search
  • About
    • About
    • Message From the CEO
    • Firm History
    • Alumni
    • Alumni
    • In Memoriam
  • People
  • Capabilities
    • Practices
    • Industries
    • Global Reach: The Law Firm Network
    • Bankruptcy & Restructuring
    • Brand & Reputation Management
    • Intellectual Property
    • Litigation & Dispute Resolution
    • Special Situations, Distressed Debt and Debt Trading
    • Transactions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Energy & Environmental
    • Entertainment & Media
    • Investment Management 
    • Life Sciences
    • Technology
    • Real Estate
    • Bankruptcy & Restructuring
    • Bankruptcy Litigation
    • Mass Torts Bankruptcy
    • Intellectual Property
    • Intellectual Property Litigation
    • Patents
    • Trademark, Copyright & Advertising
    • Patent Trial and Appeals Board (PTAB)
    • Litigation & Dispute Resolution
    • Civil Fraud Litigation
    • Employment Practices and Litigation
    • Government Contracts Litigation
    • Intellectual Property Litigation
    • Insurance Recovery
    • Litigation Funding
    • M&A and Private Equity Litigation
    • Real Estate Litigation
    • Patent Trial and Appeals Board (PTAB)
    • UK Tax Controversy & Litigation
    • Special Situations, Distressed Debt and Debt Trading
    • Distressed Debt & Claims Trading
    • Litigation Funding
    • Finance
    • Real Estate Special Situations
    • Transactions
    • Capital Markets
    • Cross-Border Transactions
    • Emerging Growth Companies & Venture Capital
    • Employment
    • Finance
    • Franchising
    • Mergers & Acquisitions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Economic Sanctions & Export Controls
    • Energy & Environmental
    • Energy
    • Energy Transition
    • Environmental
    • Entertainment & Media
    • Brand & Reputation Management
    • Intellectual Property
    • Sports
    • Investment Management
    • Fund Formation
    • Private Equity Transactions
    • Distressed Debt
    • Emerging Growth Companies & Venture Capital
    • Family-Owned & Closely Held Businesses
    • Private Equity Litigation
    • Life Sciences
    • BR BioAdvisory Services
    • Technology
    • Artificial Intelligence
    • Cybersecurity & Data Privacy
    • Digital Commerce
    • Fintech
    • Real Estate
    • Hospitality & Leisure
    • Distressed Real Estate
    • Real Estate Special Situations
    • Real Estate Litigation
    • Wireless Network Infrastructure
  • Insights
    • Client News
    • Firm News
    • Briefings
    • Events
  • Careers
    • Experienced Lawyers
    • U.S. Law Students
    • London Trainee Program
    • Business Professionals
    • Professional Development
  • Public Interest
    • Brown Rudnick Charitable Foundation
    • Pro Bono & Community Service
  • Inclusion
    • Inclusion
    • Women in Business Series

Search People

Search by last name

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z

see all people

Asset 3
  • LinkedIn
  • X (formerly known as Twitter)
  • Facebook
  • Instagram
  • Threads
  • YouTube
  • rss
  • Contact Us
  • Terms of Use
  • Privacy
  • Sitemap
  • LinkedIn
  • X (formerly known as Twitter)
  • Facebook
  • Instagram
  • Threads
  • YouTube
  • rss

© 2024 Brown Rudnick LLP. Attorney advertising.

All Rights Reserved.

All Posts Subscribe
print-logo
7/19/2023 4:15:46 PM | 2 minute read

New Data Privacy Framework... It's a Problem of Motivation

3
2
13

Get in touch

Avatar
Morgan Jones
Associate

Get in touch

Avatar
Morgan Jones
Associate
Man monitoring risk and benefits in inverstemt or medicine by sliding a controler. Composite image between a 3d illustration and a photography.
3
2
13

It’s been over a week since the European Union announced that it is granting the United States an adequacy decision in light of the new Data Privacy Framework (DPF), and Austrian privacy activist Max Schrems hasn’t filed a suit to invalidate that decision or attack the DPF directly. It’s time for U.S. companies to do to the EU Standard Contractual Clauses (SCCs) what Ron Livingston did to the printer in the classic movie, "Office Space," and to celebrate. (Break out your pieces of flare!) Right?

The answer to that is likely, no. Because, like "Office Space," many of us have seen this movie before: the EU and U.S. agree to a transfer mechanism to provide protection and make business a bit more fluid, and then…eventually… Max Schrems takes action, not unlike Bill Lumbergh ruining an employee’s weekend, but in our case, it’s all U.S. companies and for the foreseeable future. So, for the time being, it’s prudent for U.S. companies to continue filing their TPS reports (i.e., using the SCCs when transferring EU personal data to the U.S.) because even if it costs a bit more time and money now, having to backpedal later, after another Max Schrems victory, would be far more costly.

Nevertheless, it may be worthwhile for U.S. companies, whether they were Privacy Shield certified or not, to examine the new DPF and consider whether it is right for them. Except for incorporating in Executive Order 14086 (limiting what the U.S. intelligence agencies can do, and providing recourse mechanisms for non-citizens), the DPF doesn't have many substantive changes from the Privacy Shield. While some updates will be needed to certify under the DPF, they are generally manageable. 

There are a few minor differences between the DPF and Privacy Shield that U.S. companies should be aware of: 

  1. the $500 fee cap for annual re-certification has been removed (we don’t believe this will increase drastically, but will be possible); and 
  2. the withdrawal process for DPF is much more detailed/involved than under the Privacy Shield, and potentially quite costly.

Companies wishing to withdraw (after certifying compliance with the DPF) will have to do one of the following: 

  1. make annual filings with the Department of Commerce regarding continued DPF compliance in practice or similar adequate protection; 
  2. enter into agreements with each data subject binding the company to the terms and principles of the DPF with respect to its processing of that person’s personal data; or 
  3. returning or deleting all personal data collected while certified under the DPF (and the Privacy Shield before that, if converting). 

None of these are practical, cost sensitive, or welcomed, but they will be the new law of the land, so consider carefully before certifying under the DPF (or converting over from the Privacy Shield).

In conclusion, there may be a few (competitive) advantages to a U.S. company certifying under the DPF, but if it is invalidated in the near future, as was the Privacy Shield, and Safe Harbor before that, the hurdles and costs associated with exiting the DPF (and possibly switching back to reliance on the SCCs) may make it more reasonable to hold off on certifying under the DPF, at least for a few years. In sum, it's not that U.S. companies are lazy (with respect to the DPF), it's a problem of motivation, and right now U.S. companies don't really have that.

Tags

cybersecurity & data privacy, digital commerce

Get in touch

Avatar
Morgan Jones
Associate

Get in touch

Avatar
Morgan Jones
Associate
DOJ Updates White-Collar Enforcement Priorities
5/15/2025 8:37:21 PM

DOJ Updates White-Collar Enforcement Priorities

By Daniel Sachs Steven Tyrrell Stephen Best Angela Papalaskaris +1 more...

Show less

DOJ Updates White-Collar Crime Enforcement Priorities  On May 12, 2025, the Criminal Division of the U.S. Department of Justice (DOJ)...

Latest Insights

Renewable Transport Fuel Obligation (RTFO) and Tax Disputes: Navigating a Complex Compliance Landscape
5/12/2025 12:30:58 PM

Renewable Transport Fuel Obligation (RTFO) and Tax Disputes: Navigating a Complex Compliance Landscape

By Matthew Sharp
2
2
Raising the Stakes: UK Government Consults on the Tax Treatment of Remote Gaming and Gambling
5/9/2025 2:45:43 PM

Raising the Stakes: UK Government Consults on the Tax Treatment of Remote Gaming and Gambling

By Matthew Sharp Menelaos Karampetsos
1
14
15
[2025] UKUT 00124 (TCC) George Mantides Limited v HMRC: Further Ammunition for HMRC in Its Battle Against Self-Employment in Healthcare?
5/1/2025 2:34:46 PM

[2025] UKUT 00124 (TCC) George Mantides Limited v HMRC: Further Ammunition for HMRC in Its Battle Against Self-Employment in Healthcare?

By Matthew Sharp
39
39