Max Schrems certainly is not impressed by the EU-US Privacy shield comparing it to ten layers of lipstick on a pig. Pigs might take exception to be used in such a derogatory manner being the magnificent beasts they are.  Is Max Schrems glammed up porcine comparison correct? 

Really it remains to be seen. The Article 29 Working Party has confirmed that it intends to adopt an opinion on the EU-US Privacy Shield in mid-April. The European Commission has issued its adequacy decision along with the texts that will actually make up the Privacy Shield. The next steps are for the EU Data Protection Authorities and the European Data Protection Supervisor to have their say before formal adoption occurs. 

Let's hope clarity comes quickly - a recent survey by the Irish Computer Society's recent shows that three quarters of Irish business transfer data abroad. That's a whole lot of data and most of it will need an equivalent of Safe Harbour in order to be legitimately transferred. 

A crucial component of the Privacy Shield has now been signed into law in the US. The Judicial Redress Act grants EU citizens enforcement procedures in the US in respect of their data protection rights. This was a major issue with Safe Harbour. This is also the first time there has been written assurances from the US  with regard to EU citizens' data protection rights. There are exceptions though and the US is still retaining rights to collect data in several matters including cybersecurity and threats to national security. This still seems contrary to the EU view on bulk gathering of data. 

The Privacy Shield may not pass muster with the Article 29 Working party as a result. In the meantime uncertainty on international transfers reigns. Hopefully Privacy Shield is not a pig in a poke.