As data—especially personal data—continues to grow in importance as both a commodity and an asset deserving of protection, the development of legal frameworks governing data transfers continues to evolve as well. In the course of M&A due diligence, it is important to evaluate and review compliance and privacy policies in contracts pertaining to data transfer.
In this study, we explore the EU-US Privacy Shield - a framework that governs the transfer of transatlantic data from the European Economic Area (EEA) to the United States. As of July 2020, the Court of Justice of the European Union (CJEU) declared the Privacy Shield as “invalid” due to its lack of adequate data privacy protection and threat of mass surveillance employed by the US.
With more than 5,000 companies relying on the Privacy Shield, organizations now must quickly identify and amend the usage of the Privacy Shield in contacts and transition to alternative data transfer methods. Without proper safeguards, organizations risk violating GDPR and further complicating international operations.
Download the study to learn more about:
- How to quickly determine the prevalence of the Privacy Shield in contracts using Kira’s machine learning software
- Practical steps for organizations to transition their data transfer methods
- The importance of performing proper due diligence on data privacy methods and policies and the associated risks of not