Transatlantic data flows have been the main pillar of digital commerce between the United States (US) and European Union (EU).
The EU–US Privacy Shield was a framework for regulating transatlantic exchanges of personal data for commercial purposes between the European Union and the United States. Privacy Shield made it easier for US Companies to receive personal data from EU entities.
What is the Schrems II Ruling?
The Schrems II ruling invalidated the EU-US Privacy shield and other prior laws that are similar like Safe Harbor, and ruled that it did not adequately protect EU citizens’ data as per EU General Data Protection (GDPR) regulations when PII data flows between the European Union and United States. What this essentially means is that companies residing in the EU now need to take measures on their own to protect the confidential customer data and are no longer protected from liability.
Fortanix Data Security Manager delivers a cloud-scale pervasive data security platform that provides cryptographic services, secrets management, and tokenization across cloud and on-premises environments from a single centralized point of management, control, and audit. Organizations can create a control layer between the data controller and the data processors to help meet GDPR requirements around data audit, control, and erasure.