EU–US Data Privacy Framework

E221480

The EU–US Data Privacy Framework is a transatlantic data-transfer agreement that sets rules and safeguards for protecting the personal data of EU citizens when it is transferred to and processed in the United States.

All labels observed (4)

How this entity was disambiguated

Statements (49)

Predicate Object
instanceOf EU–US data protection arrangement
data transfer framework
international agreement
adoptedBy European Commission
appliesTo personal data of EU data subjects transferred to the United States
basedOn GDPR
surface form: EU General Data Protection Regulation
concerns cross-border data flows between the EU and the US
enforcedBy United States Department of Transportation
surface form: US Department of Transportation

Federal Trade Commission
surface form: US Federal Trade Commission
establishes a certification mechanism for US organizations
follows EU–US Privacy Shield
hasAlternativeName EU–US Data Privacy Framework
surface form: Data Privacy Framework

EU–US Data Privacy Framework
surface form: EU-U.S. Data Privacy Framework
includes Data Protection Review Court
commitments regarding access to data by US national security authorities
data protection principles for participating US organizations
independent dispute resolution mechanisms
limitations and safeguards on US government access to EU personal data
obligations on US companies receiving EU personal data
oversight by US authorities
redress mechanisms for EU data subjects
jurisdiction European Union
United States of America
surface form: United States
legalBasis European Commission adequacy decision
monitoredBy European Data Protection Board
surface form: EU data protection authorities

European Commission
negotiatedBy European Commission
United States government
surface form: United States Government
provides EU data subjects with access rights to their personal data
EU data subjects with complaint and redress mechanisms
EU data subjects with rights to rectification of inaccurate data
purpose to enable lawful transfers of personal data from the EU to the US
to ensure an adequate level of protection for EU personal data in the US
regulates transfers of personal data from EU controllers and processors to certified US organizations
relatedTo EU–US Privacy Shield
EU–US Privacy Shield
surface form: Safe Harbor Privacy Principles

EU–US Privacy Shield
surface form: Schrems I judgment

Data Protection Commissioner v Facebook Ireland and Maximillian Schrems
surface form: Schrems II judgment
replaces EU–US Privacy Shield
EU–US Data Privacy Framework self-linksurface differs
surface form: Safe Harbor framework
requires US organizations to self-certify compliance
data security measures by participating US organizations
limitations on data retention
onward transfer safeguards when data is shared with third parties
transparency about data processing by participating US organizations
sector data protection
international data transfers
subjectOf legal and academic criticism regarding adequacy of safeguards
transatlantic data protection debates

How these facts were elicited

Referenced by (5)

Full triples — surface form annotated when it differs from this entity's canonical label.

European Union–United States relations hasKeyFramework EU–US Data Privacy Framework
EU–US Privacy Shield successorFramework EU–US Data Privacy Framework
EU–US Data Privacy Framework hasAlternativeName EU–US Data Privacy Framework
this entity surface form: EU-U.S. Data Privacy Framework
EU–US Data Privacy Framework hasAlternativeName EU–US Data Privacy Framework
this entity surface form: Data Privacy Framework
EU–US Data Privacy Framework replaces EU–US Data Privacy Framework self-linksurface differs
this entity surface form: Safe Harbor framework