• Home
  • Imprint
  • Privacy policy
  • Terms
  • Agile and lean law firm
  • Ideal partner
  • Contact
  • Videos
ITMediaLaw - Rechtsanwalt Marian Härtel
  • en English
  • de Deutsch
  • About lawyer Marian Härtel
    • About lawyer Marian Härtel
      • Ideal partner
      • About lawyer Marian Härtel
      • Video series – about me
      • Why a lawyer and business consultant?
      • Principles as a lawyer
      • Focus on start-ups
      • Nerd und Rechtsanwalt
      • Ideal partner
      • How can I help clients?
    • Über die Kanzlei
      • How clients benefit from my network of colleagues, partners and service providers
      • Quick and flexible access
      • Agile and lean law firm
      • Team: Saskia Härtel – WHO AM I?
      • Price overview
    • How can I help clients?
    • Sonstige Informationen
      • Einwilligungen widerrufen
      • Privatsphäre-Einstellungen ändern
      • Historie der Privatsphäre-Einstellungen
      • Privacy policy
    • Testimonials
    • Imprint
  • Leistungen
    • Focus areas of attorney Marian Härtel
      • Support with the foundation
      • Games law consulting
      • Advice in e-commerce
      • Support and advice of agencies
      • Legal advice in corporate law: from incorporation to structuring
      • Legal compliance and expert opinions
      • Streamers and influencers
      • Cryptocurrencies, Blockchain and Games
      • Outsourcing – for companies or law firms
    • Arbeitsschwerpunkte
      • Games and esports law
        • Esports. What is it?
      • Corporate law
      • IT/IP Law
      • Consulting for influencers and streamers
        • Influencer & Streamer
      • Contract review and preparation
      • DLT and Blockchain consulting
        • Blockchain Overview
      • Investment advice
      • AI and SaaS
  • Artikel/News
    • Langartikel / Guides
    • Law and computer games
    • Law and Esport
    • Law on the Internet
    • Blockchain and web law
    • Online retail
    • Data protection Law
    • Copyright
    • Competition law
    • Copyright
    • EU law
    • Law on the protection of minors
    • Labour law
    • Tax
    • Kanzlei News
    • Other
  • Videos/Podcasts
    • Videos
    • Podcast
      • ITMediaLaw Podcast
      • ITMediaLaw Kurz-Podcast
  • Knowledge base
  • Contact
Kurzberatung
  • About lawyer Marian Härtel
    • About lawyer Marian Härtel
      • Ideal partner
      • About lawyer Marian Härtel
      • Video series – about me
      • Why a lawyer and business consultant?
      • Principles as a lawyer
      • Focus on start-ups
      • Nerd und Rechtsanwalt
      • Ideal partner
      • How can I help clients?
    • Über die Kanzlei
      • How clients benefit from my network of colleagues, partners and service providers
      • Quick and flexible access
      • Agile and lean law firm
      • Team: Saskia Härtel – WHO AM I?
      • Price overview
    • How can I help clients?
    • Sonstige Informationen
      • Einwilligungen widerrufen
      • Privatsphäre-Einstellungen ändern
      • Historie der Privatsphäre-Einstellungen
      • Privacy policy
    • Testimonials
    • Imprint
  • Leistungen
    • Focus areas of attorney Marian Härtel
      • Support with the foundation
      • Games law consulting
      • Advice in e-commerce
      • Support and advice of agencies
      • Legal advice in corporate law: from incorporation to structuring
      • Legal compliance and expert opinions
      • Streamers and influencers
      • Cryptocurrencies, Blockchain and Games
      • Outsourcing – for companies or law firms
    • Arbeitsschwerpunkte
      • Games and esports law
        • Esports. What is it?
      • Corporate law
      • IT/IP Law
      • Consulting for influencers and streamers
        • Influencer & Streamer
      • Contract review and preparation
      • DLT and Blockchain consulting
        • Blockchain Overview
      • Investment advice
      • AI and SaaS
  • Artikel/News
    • Langartikel / Guides
    • Law and computer games
    • Law and Esport
    • Law on the Internet
    • Blockchain and web law
    • Online retail
    • Data protection Law
    • Copyright
    • Competition law
    • Copyright
    • EU law
    • Law on the protection of minors
    • Labour law
    • Tax
    • Kanzlei News
    • Other
  • Videos/Podcasts
    • Videos
    • Podcast
      • ITMediaLaw Podcast
      • ITMediaLaw Kurz-Podcast
  • Knowledge base
  • Contact
ITMediaLaw - Rechtsanwalt Marian Härtel
Home Data protection Law

A breakthrough in data protection diplomacy: EU and US move closer to an adequacy decision

4. July 2023
in Data protection Law
Reading Time: 4 mins read
0 0
A A
0
hacker 4031973 1280
Key Facts
  • GDPR sets high standards for data protection and data security in the EU.
  • Abolition of the Privacy Shield causes uncertainty for companies that use US service providers.
  • Adequacy decision could create legal certainty and simple data transfer.
  • Easier access to innovative US services in areas such as cloud computing and artificial intelligence.
  • Strengthening transatlantic relations and cooperation in the area of data protection.
  • EU companies could use US services more securely and efficiently.
  • Important step towards creating a stable data protection framework for the digital economy.

Introduction

Content Hide
1. Introduction
2. The discontinuation of the Privacy Shield and its consequences
3. A historic step
4. Why is an adequacy decision necessary?
4.1. Legal certainty for companies
4.2. Simplification of data transmission
4.3. Access to innovative services
4.4. Strengthening transatlantic relations
5. Effects on companies
6. Final thoughts

In a world that is increasingly networked, the protection of personal data plays a crucial role. Every day, vast amounts of data are generated, exchanged and analyzed. This data may include sensitive information, such as personal identifiers, financial data, or health information. In this context, the European Union has taken on a pioneering role with the General Data Protection Regulation (GDPR) by setting high standards for data protection and data security.

The GDPR, which came into force in May 2018, sets strict rules for the processing of personal data of EU citizens, regardless of where the data processor is located. This means that companies and service providers from third countries, including the USA, that process data of EU citizens must also comply with the requirements of the GDPR.

For many companies outside the EU, especially in the U.S., this presented a significant challenge. Adapting to the GDPR often required extensive changes in data protection practices and policies. In addition, companies needed to ensure they had the necessary mechanisms in place to obtain user consent, store data securely, and report data breaches.

In this complex environment, the need for cooperation between the EU and third countries, especially the US, is obvious. Such cooperation can help eliminate legal uncertainties and facilitate the flow of data while ensuring a high level of data protection.

The discontinuation of the Privacy Shield and its consequences

Before we get into the significance of the new step, it is important to understand the context. Until 2020, European companies could rely on the EU-US Privacy Shield agreement to lawfully transfer data to the US. The Privacy Shield was a mechanism that allowed companies to transfer personal data from the EU to the U.S. on the condition that U.S. companies complied with certain data protection standards.

However, in July 2020, the European Court of Justice (ECJ) declared the Privacy Shield invalid. The decision, known as Schrems II, found that the Privacy Shield did not provide sufficient protection for European citizens’ data, particularly with regard to U.S. government access to that data.

The elimination of the Privacy Shield left a legal void and created significant uncertainty for European companies that relied on U.S. service providers. Without a recognized mechanism for transferring data, companies have had to find alternative solutions, such as standard contractual clauses, which are often complex and difficult to implement.

A historic step

On July 3, 2023, U.S. Commerce Secretary Gina Raimondo issued a statement announcing that the U.S. government had taken a significant step toward reaching an adequacy decision with the European Union in the area of data protection. This move could have far-reaching implications for companies using cloud services and software-as-a-service (SaaS) from the US. The full statement can be found on the official website of the U.S. Department of Commerce(source).

Why is an adequacy decision necessary?

Legal certainty for companies

An adequacy decision would restore legal certainty for European companies seeking to use U.S. service providers. It would clarify that the U.S. provides an adequate level of data protection, eliminating the need for complex contractual arrangements.

Simplification of data transmission

Currently, companies that transfer data to the U.S. often have to implement elaborate contracts and security measures. If it can be reliably implemented at all (and some assume that it can). An adequacy decision would greatly simplify this process by providing a clear legal basis for data transfer.

Access to innovative services

U.S. vendors are often leaders in areas such as cloud computing, artificial intelligence and software-as-a-service (SaaS). An adequacy decision would make it easier for European companies to benefit from these innovative services without violating the GDPR.

Strengthening transatlantic relations

An adequacy decision would also strengthen economic relations between the EU and the United States. It would send a signal that both sides are willing to work together and set standards that respect citizens’ privacy.

Effects on companies

Many European companies use US-based SaaS providers and cloud services. Until now, the use of these services has often been problematic due to the different data protection standards. An adequacy decision would allow companies to use U.S. services with greater security and less red tape. This could also strengthen the competitiveness of US service providers on the European market.

Final thoughts

The U.S. government’s announcement is a step in the right direction to address the challenges created by the elimination of the Privacy Shield. It is critical that both the EU and the U.S. continue to work together constructively to create a stable and sustainable framework for data protection that meets the needs of businesses and protects the privacy of citizens. In an era where data is considered the new oil, it is imperative that data flows efficiently and securely across borders. An adequacy decision would not only strengthen economic relations, but also promote citizens’ confidence in the digital economy.

It remains to be seen how the negotiations will develop and what concrete measures will be taken to ensure data protection standards. European companies should follow developments closely and prepare to adapt their data protection practices accordingly.

In a globalized world, it is essential that international data protection standards go hand in hand. The U.S. government’s move could be a milestone on the road to a harmonized data protection environment that promotes both privacy and economic cooperation.

Tags: Legal certaintyPrivacySaas

Beliebte Beträge

Data leak in startup practice: GDPR reporting and damage limitation

dsgvo
29. April 2025

Young start-ups and solopreneurs often focus on agile development and rapid growth - but a data leak can put an...

Read moreDetails

Data protection, anonymity and third-party chatter: GDPR risks and solutions for OnlyFans Creator

Data protection, anonymity and third-party chatter: GDPR risks and solutions for OnlyFans Creator
12. May 2025

OnlyFans has revolutionized the income opportunities for adult content creators - but with success comes legal challenges. In particular, data...

Read moreDetails

Data protection and anonymity for OnlyFans creators, agencies, brokers and chatter agencies

Data protection and anonymity for OnlyFans creators, agencies, brokers and chatter agencies
10. May 2025

OnlyFans and similar platforms for erotic content are booming - but as their popularity grows, so do the data protection...

Read moreDetails

Legally compliant archiving of emails: legal requirements and practical implementation

Legally compliant archiving of emails: legal requirements and practical implementation
14. March 2025

It is impossible to imagine modern corporate communication without e-mail. It is not only used for the rapid exchange of...

Read moreDetails

Risks when hosting personal data on US cloud servers

Risks when hosting personal data on US cloud servers
18. February 2025

Hosting personal data on cloud servers from US providers poses significant risks for European companies, particularly with regard to compliance...

Read moreDetails

SaaS contract for marketing tools

da785cff1bca5b6897d0d4cacf7359ff
15. November 2024

When I helped set up CPMStar, one of the first major gaming marketing agencies in Germany, a few years ago,...

Read moreDetails

BGH ruling on damages for data protection breaches

BGH: Women also gamble on first-person shooters
8. December 2024

The ruling by the German Federal Court of Justice (BGH) on November 18, 2024 has put an abrupt end to...

Read moreDetails

New cookie regulation: a step towards simplifying digital consent?

Esport: Sports Committee of the BT meets Wednesday
8. December 2024

On September 4, 2024, the Federal Government adopted the Consent Management Ordinance (EinwV). This new ordinance is based on Section...

Read moreDetails

Multi-tenant architectures in the SaaS sector: data separation and compliance requirements

6e405ef66c83bf9de2066fb73a1deafc
9. November 2024

Multi-tenant architectures are the backbone of modern SaaS solutions, as they enable efficient use of resources and scalability. However, they...

Read moreDetails
  • Home
  • Imprint
  • Privacy policy
  • Terms
  • Agile and lean law firm
  • Ideal partner
  • Contact
  • Videos
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Contact
  • Leistungen
    • Support with the foundation
    • Focus areas of attorney Marian Härtel
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Games law consulting
    • Support and advice of agencies
    • Legal advice in corporate law: from incorporation to structuring
    • Cryptocurrencies, Blockchain and Games
    • Investment advice
    • Booking as speaker
    • Legal compliance and expert opinions
    • Legal advice in corporate law: from incorporation to structuring
    • Contract review and preparation
  • About lawyer Marian Härtel
    • About lawyer Marian Härtel
    • Agile and lean law firm
    • Focus on start-ups
    • Principles as a lawyer
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Why a lawyer and business consultant?
    • Focus on start-ups
    • How can I help clients?
    • Team: Saskia Härtel – WHO AM I?
    • Testimonials
    • Imprint
  • Videos
    • Video series – about me
    • Information videos – about Marian Härtel
    • Videos on services
    • Blogpost – individual videos
    • Shorts
    • Third-party videos
    • Podcast format
    • Other videos
  • Knowledge base
  • Podcast
  • Blogposts
    • Lange Artikel / Ausführungen
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Labour law
    • EU law
    • Corporate
    • Competition law
    • Copyright
    • Tax
    • Internally
    • Other
  • en English
  • de Deutsch
Kostenlose Kurzberatung