EU–US Data Privacy Framework
E221480
The EU–US Data Privacy Framework is a transatlantic data-transfer agreement that sets rules and safeguards for protecting the personal data of EU citizens when it is transferred to and processed in the United States.
All labels observed (4)
| Label | Occurrences |
|---|---|
| EU–US Data Privacy Framework canonical | 2 |
| Data Privacy Framework | 1 |
| EU-U.S. Data Privacy Framework | 1 |
| Safe Harbor framework | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T1998810 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: EU–US Data Privacy Framework Context triple: [European Union–United States relations, hasKeyFramework, EU–US Data Privacy Framework]
-
A.
New York State Department of Financial Services Cybersecurity Regulation
The New York State Department of Financial Services Cybersecurity Regulation is a pioneering set of cybersecurity requirements for financial institutions operating in New York, mandating robust risk-based programs, incident reporting, and governance to protect consumers and the financial system from cyber threats.
-
B.
GDPR
The GDPR (General Data Protection Regulation) is a comprehensive European Union data protection law that governs how organizations collect, process, and store personal data of individuals in the EU.
-
C.
Joint Committee on Personal Data Protection Bill
The Joint Committee on Personal Data Protection Bill was a parliamentary panel in India tasked with examining and recommending changes to the country’s proposed comprehensive data protection legislation.
-
D.
European Data Protection Supervisor
The European Data Protection Supervisor is the independent EU authority responsible for overseeing the protection of personal data and privacy within European Union institutions and bodies.
-
E.
Cybersecurity Information Sharing Act of 2015
The Cybersecurity Information Sharing Act of 2015 is a U.S. federal law that facilitates the sharing of cyber threat information between private companies and the government to improve national cybersecurity while addressing privacy and civil liberties concerns.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: EU–US Data Privacy Framework Target entity description: The EU–US Data Privacy Framework is a transatlantic data-transfer agreement that sets rules and safeguards for protecting the personal data of EU citizens when it is transferred to and processed in the United States.
-
A.
New York State Department of Financial Services Cybersecurity Regulation
The New York State Department of Financial Services Cybersecurity Regulation is a pioneering set of cybersecurity requirements for financial institutions operating in New York, mandating robust risk-based programs, incident reporting, and governance to protect consumers and the financial system from cyber threats.
-
B.
GDPR
The GDPR (General Data Protection Regulation) is a comprehensive European Union data protection law that governs how organizations collect, process, and store personal data of individuals in the EU.
-
C.
Joint Committee on Personal Data Protection Bill
The Joint Committee on Personal Data Protection Bill was a parliamentary panel in India tasked with examining and recommending changes to the country’s proposed comprehensive data protection legislation.
-
D.
European Data Protection Supervisor
The European Data Protection Supervisor is the independent EU authority responsible for overseeing the protection of personal data and privacy within European Union institutions and bodies.
-
E.
Cybersecurity Information Sharing Act of 2015
The Cybersecurity Information Sharing Act of 2015 is a U.S. federal law that facilitates the sharing of cyber threat information between private companies and the government to improve national cybersecurity while addressing privacy and civil liberties concerns.
- F. None of above. chosen
Statements (49)
| Predicate | Object |
|---|---|
| instanceOf |
EU–US data protection arrangement
ⓘ
data transfer framework ⓘ international agreement ⓘ |
| adoptedBy | European Commission ⓘ |
| appliesTo | personal data of EU data subjects transferred to the United States ⓘ |
| basedOn |
GDPR
ⓘ
surface form:
EU General Data Protection Regulation
|
| concerns | cross-border data flows between the EU and the US ⓘ |
| enforcedBy |
United States Department of Transportation
ⓘ
surface form:
US Department of Transportation
Federal Trade Commission ⓘ
surface form:
US Federal Trade Commission
|
| establishes | a certification mechanism for US organizations ⓘ |
| follows | EU–US Privacy Shield ⓘ |
| hasAlternativeName |
EU–US Data Privacy Framework
ⓘ
surface form:
Data Privacy Framework
EU–US Data Privacy Framework ⓘ
surface form:
EU-U.S. Data Privacy Framework
|
| includes |
Data Protection Review Court
ⓘ
commitments regarding access to data by US national security authorities ⓘ data protection principles for participating US organizations ⓘ independent dispute resolution mechanisms ⓘ limitations and safeguards on US government access to EU personal data ⓘ obligations on US companies receiving EU personal data ⓘ oversight by US authorities ⓘ redress mechanisms for EU data subjects ⓘ |
| jurisdiction |
European Union
ⓘ
United States of America ⓘ
surface form:
United States
|
| legalBasis | European Commission adequacy decision ⓘ |
| monitoredBy |
European Data Protection Board
ⓘ
surface form:
EU data protection authorities
European Commission ⓘ |
| negotiatedBy |
European Commission
ⓘ
United States government ⓘ
surface form:
United States Government
|
| provides |
EU data subjects with access rights to their personal data
ⓘ
EU data subjects with complaint and redress mechanisms ⓘ EU data subjects with rights to rectification of inaccurate data ⓘ |
| purpose |
to enable lawful transfers of personal data from the EU to the US
ⓘ
to ensure an adequate level of protection for EU personal data in the US ⓘ |
| regulates | transfers of personal data from EU controllers and processors to certified US organizations ⓘ |
| relatedTo |
EU–US Privacy Shield
ⓘ
EU–US Privacy Shield ⓘ
surface form:
Safe Harbor Privacy Principles
EU–US Privacy Shield ⓘ
surface form:
Schrems I judgment
Data Protection Commissioner v Facebook Ireland and Maximillian Schrems ⓘ
surface form:
Schrems II judgment
|
| replaces |
EU–US Privacy Shield
ⓘ
EU–US Data Privacy Framework self-linksurface differs ⓘ
surface form:
Safe Harbor framework
|
| requires |
US organizations to self-certify compliance
ⓘ
data security measures by participating US organizations ⓘ limitations on data retention ⓘ onward transfer safeguards when data is shared with third parties ⓘ transparency about data processing by participating US organizations ⓘ |
| sector |
data protection
ⓘ
international data transfers ⓘ |
| subjectOf |
legal and academic criticism regarding adequacy of safeguards
ⓘ
transatlantic data protection debates ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: EU–US Data Privacy Framework Description of subject: The EU–US Data Privacy Framework is a transatlantic data-transfer agreement that sets rules and safeguards for protecting the personal data of EU citizens when it is transferred to and processed in the United States.
Referenced by (5)
Full triples — surface form annotated when it differs from this entity's canonical label.