back to article More than half of small firms plan on using Privacy Shield – survey

Almost half of the organisations surveyed by the International Association of Privacy Professionals say they will use the Privacy Shield data-sharing framework in the next year. Agreed last summer, the deal between the European Union and the US aims to safeguard EU citizens' data when it is transferred to the States. It …

  1. Notas Badoff


    Could some kind soul post a link or two to an actual definition of Privacy Shield? I can find much discussion about it, but not *of* the actual subject. I'm assuming of course that there is something more definite than "we'll never peek" and "best effort".

  2. Anonymous Coward
    Anonymous Coward

    So what I'd like to know...

    We hear constant stories about how the EU is required to share / provide data about its citizens to the US, because in the US you're obviously guilty until proven innocent. But we never get to hear details when US citizens visit the EU... How does that work these days?

    I have a hunch why this is so of course, because last time the EU carefully raised a demand to acquire information about US citizens all of a sudden hell broke lose because that request was obviously an blatant intrusion of privacy.

  3. Lysenko

    We transfer EU citizens' data to the United States and we don't rely on Privacy Shield - we rely on AES and a key that never leaves British territory[1]. That's a "Privacy Shield" (unless No Such Agency is further along with quantum computing than we realise).

    [1] It's computer generated and encoded on an RFID card which lives in a safe.

  4. Anonymous Coward
    Anonymous Coward

    Something we are never told is just why does the data about EU citizens needs to be sent to the US in the first place.

    If it applies to people from the EU going to the US does the reverse apply with the same data about people from the US coming to the EU and if not why not?

    1. Alister

      Something we are never told is just why does the data about EU citizens needs to be sent to the US in the first place.

      You might like to ask Equifax about that...

  5. Anonymous Coward
    Anonymous Coward

    I was also wondering why smaller companies should need to transer personal data to the US, but maybe these agreements are to cover their use of bureau^W cloud services that may be located over there. Not to mention confidential service providers such as Equifax, of course.

    1. Anonymous Coward
      Anonymous Coward

      It could be something as simple as use of Cloud Computing storage so small companies may well be doing it, possible even unsuspectingly.

      The US company (likely Google or Amazon) it lands with might never access the data but as they are hosting it they are processing it (for DP purposes and this is what the Privacy Shield truly boils down to - Principle 8 Overseas Transfers) so you need a protocol such as this.

      Whether the Privacy Shield is worth the metaphotrical paper it is written on is a wholly different question (my view is 'is it buggery' for what its worth)

  6. 0laf
    Big Brother

    Privacy shield

    It's a tick box exercise in an attempt to justify the transfer of personal information to the states.

    It does nothing for actual security and give no real assurance.

    If you actually believe in it and trust it you're deluding yourself.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022