BBB EU Privacy Shield

The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were created as a mechanism for transferring personal data from the European Union and Switzerland to the United States. Designed by the U.S. Department of Commerce to support transatlantic commerce in coordination with the European Commission, in 2016, and Swiss Administration, in 2017, the Privacy Shield Frameworks replaced the former US-EU Safe Harbor Framework. The Privacy Shield promotes greater transparency around international data processing and enables U.S. businesses to demonstrate that their privacy practices meet data protection standards such as GDPR, including enhanced protections for consumers.

• Update, July 2020: Please see our guidance on the Schrems II decision for up-to-date information about the status of the Privacy Shield Frameworks.
• Update March 2022: On March 25, 2022, the EU Commission and the US announced they had agreed, in principle, on a new Trans-Atlantic Data Privacy Framework (TADPF).
• Update October 2022: On October 7, 2022, President Biden signed the Executive Order On Enhancing Safeguards For United States Signals Intelligence Activities (EO), providing the legal basis for the new transatlantic data flow mechanism that was agreed upon, in principle, in March 2022. The updated name of the mechanism is the EU-U.S. Data Privacy Framework (DPF).   

• October 2022: BBB National Programs’ Statement on Executive Order to Implement the European Union-U.S. Data Privacy Framework
• March 2022:  BBB National Programs’ Statement on EU-U.S. Agreement in Principle on New Framework for Transatlantic Data Flows
• December 2020:  Status Update on Transatlantic Data Transfers
• September 2020:  Schrems II – What Do Privacy Shield Businesses Need to Know?
• September 2020:  September 2020: Now What? Cross-Border Data Transfers After Schrems II

Privacy Shield helps U.S. businesses to receive and process personal data from the EAA countries, the United Kingdom, and Switzerland after self-certifying their adherence to the protections set out in the Privacy Shield Principles. Your public self-certification to Privacy Shield with the U.S. Department of Commerce will ensure that European organizations and consumers know your business provides enhanced privacy protection when: 

• You are expanding your operations into Europe and collecting EU, U.K., or Swiss customer data; 

• You are processing EU, U.K., or Swiss data in the U.S. for a business partner using Privacy Shield; or 

• In other situations where your business is using personal data of EU, U.K., or Swiss individuals. 

Benefits of BBB EU Privacy Shield: 

For your business: 

• Demonstrated expertise in data privacy for more than 20 years.  

• Practical assistance to businesses of all sizes in navigating Privacy Shield requirements and the self-certification and recertification processes.

• Ensures prompt responses to privacy inquiries and complaints. 

For your consumers: 

• BBB National Programs is the most trusted name in consumer dispute resolution. 

• Online complaints process provides accessible, transparent dispute resolution, enhancing customer service. 

• Services always provided free of charge to EU or Swiss individuals. 

• Speedy, impartial resolution through our staff conciliation process or independent Data Privacy Review.