The new commercial data transfer pact is set to replace Safe Harbor, which was struck down by European Court of Justice last year due to a lack of privacy safeguards for EU citizens. The deal will provide multinational companies with an easier way to legally process EU customer's personal data.
Multinational corporations can use Privacy Shield to handle EU customer's personal data more easily, while also being subject to new rules for data retention.
Microsoft's Vice President for EU Government Affairs John Frank praised the deal, stating that “this is an important achievement for the privacy rights of citizen's across Europe and for companies…that rely on international data flows to run their business.”
He goes on to mention the annual review clause as one of the most important points, a change that allows the framework to evolve over time to adapt to changes in privacy laws. In his opinion, the clause “ensures that enduring values remain protected at a time when technology changes ever more quickly.”
Microsoft's statement contradicts the concerns of Max Shrems, whose complaint against Facebook is what toppled the previous agreement. Shrems told Fortune that legal uncertainty would mean that companies would not rush to sign the new register, while Frank announces that Microsoft will “will sign up to the new framework as soon as possible.” The company began the process of Privacy Shield implementation as early as April.
The information shows that companies are much more sympathetic to privacy concerns than previously expected, and paves the way for others to set a similar example ahead of its announcement on July 12.