International commerce is a huge business, but one of the challenges involved in conducting international business is that different countries may have different laws concerning privacy and the handling of personal data. Many companies in the United States conduct business in Europe, and Europe is well known around the world for being avidly in support of customer data privacy. Many countries in Europe – Switzerland in particular – have a reputation for protecting customer privacy, and these countries often have strict laws concerning how personal data must be handled and protected.

There is great interest in ensuring that transatlantic business transactions take place legally, and as such the U.S. Department of Commerce has worked with Swiss authorities to develop a new Swiss-U.S. Privacy Shield framework under which U.S. companies can certify their compliance with Swiss data privacy laws. The U.S. Secretary of Commerce Wilbur Ross recently announced that the Swiss-U.S. Privacy Shield framework has officially launched online in the U.S. as of April 12, 2017.  

The Swiss-U.S. Privacy Shield Framework is Now Accepting Self-Certifications

The Privacy Shield framework provides U.S. companies with a mechanism that they can use in order to be in compliance with Swiss data protection laws when conducting transfers of personal data from Switzerland to the U.S. The new Swiss-U.S. Privacy Shield framework replaces the old U.S.-Swiss Safe Harbor Framework, which was formerly used by more than four thousand American companies. U.S. companies that were conducting business under the U.S.-Swiss Safe Harbor Framework will need to update their data handling and protection policies to ensure that they are in compliance with the new Swiss-U.S. Privacy Shield framework.

Once compliant, U.S. companies can self-certify their compliance with the Swiss-U.S. Privacy Shield framework through the International Trade Administration at the U.S. Department of Commerce. Certifications can be made online through the Privacy Shield website.  

• U.S. companies that are already self-certified under the EU-U.S. Privacy Shield framework can log on and self-certified under the Swiss-U.S. Privacy framework and pay the required fee with just a few clicks of the computer mouse.
• U.S. companies who are new to the Privacy Shield frameworks will be required to pay a separate annual fee to the International Trade Administration in addition to the required fee associated with self-certification under the Swiss-U.S. Privacy framework.

Benefits of the Swiss-U.S. Privacy Shield Framework

U.S. companies that certify under the Swiss-U.S. Privacy Shield framework are deemed to provide “adequate” privacy protection, which is a requirement in order to be able to transfer personal data from the U.S. to Switzerland. For companies that are unsure about how to become compliant, the Swiss-U.S. Privacy Shield framework clearly lays out a plan for compliance. Additionally, compliance is cost-effective, which is a benefit for small to mid-sized companies that want to conduct business in Switzerland.

Contact an Internet Lawyer

U.S. companies that have questions about becoming compliant under the Swiss-U.S. Privacy Shield framework can contact an experienced privacy attorney for guidance. The professionals at Revision Legal can help. Contact us using the form on this page or call us at 855-473-8474.