Will the U.S. Ever be Adequate? A Review of EU and U.S. Data Protection Regimes
Jessica Medvec, Corporate Counsel, Hyster-Yale Group, Inc., USA
Individual data protection rights all over the world have been thrust into the corporate spotlight recently due to the passage of broad legislation in the European Union with global ramifications and high profile court decisions. The new rules have raised significant concerns related to increased constraints on the transfer of personal data of European natural persons to third countries and specifically to the United States.
Under European law, there must be an adequate level of protection in place prior to transferring personal data outside the confines of its originating country. Although some countries have been able to obtain an adequacy decision from the European Commission on a national basis, protections provided in the United States have long been considered inadequate in the eyes of European data privacy legislation. For nearly two decades this gap was bridged by a policy agreement between the U.S. and the EU. But when that agreement was ultimately found to lack the requisite adequacy required under European law, U.S. organizations were left wondering: Will the United States ever be willing or able to live up to European data privacy standards?
Read full paper
Subscribe to the IICJ