to the FTC no later than 30 days prior to any changes affecting Fantage’s ability to comply with the terms of the settlement. The order terminates in 20 years. ALL OF THESE CONCERNS WITH THE SAFE HARBOR CULMINATED IN THE INVALIDATION OF THE SAFE HARBOR FRAMEWORK BY THE EUROPEAN COURT OF JUSTICE IN OCTOBER 2015. SIMILAR CONCERNS WERE RAISED WITH THE SHORT LIVED PRIVACY SHIELD THAT WAS ALSO INVALIDATED IN 2020. BUSINESSES CAN NOW CONSIDER THE DATA PRIVACY FRAMEWORK DISCUSSED BELOW Despite the loss of some legal protections afforded by the Safe Harbor framework and Privacy Shield, businesses may still derive benefits and continued legal protections from actions they may have taken as necessary to comply with the Safe Harbor and Privacy Shield requirements. All of these activities demonstrate that a business takes privacy seriously and might be used as evidence to support a defense against any claims or government investigation as to lax privacy and data security practices. This will however not be the case where a business who certified compliance with the Safe Harbor framework or Privacy Shield did not actually implement the required actions. Model Contracts-Standard Contractual Clauses (SCCs) The GDPR allows for the use of so-called “model contracts” or Standard Contractual Clauses (“SCCs”). A business that uses SCC’s that have been approved by the European Commission in their agreements concerning the transfer of personal data to countries outside of the EU may be deemed to have adequate data privacy safeguards. [For more information on how to use these “model contracts” see Standard Contractual Clauses (SCC)] . Model contracts remain, for now, a viable option but have been under fire by privacy advocates in Europe who view them like the now invalidated Safe Harbor program and Privacy Shield.
146
Made with FlippingBook - Online Brochure Maker