Skip to main content

JAMS ADR Insights

BROWSE TOPICS

The ADR Provisions of EU Privacy Laws

by: Kimberly Taylor, Esq.

Companies doing business globally have a variety of complex issues to deal with, not the least of which is concern about the security of personal data collected from their customers.

In 1995, the European Union issued Directive 95/46/EC, the Data Protection Directive, concerning the protection of individuals with regard to the processing and transfer of personal data.  Thereafter, the U.S. Department of Commerce (DOC), in consultation with the EU, developed the U.S.-EU Safe Harbor Framework.  This, along with the U.S.-Swiss Safe Harbor Framework, is a streamlined process for American companies to comply with the Data Protection Directive. The Framework enables U.S. organizations to transfer personal data from the EU to the U.S. provided the American company certifies with the DOC that it adheres to the Safe Harbor privacy principles. As of December 2013, more than 4,000 companies had certified compliance with the Safe Harbor program.

Despite the Safe Harbor Framework, concerns were raised recently within the EU about data privacy amidst revelations of surveillance of EU citizens’ data by the American government.  The European Commission (EC) undertook a review of the EU-U.S. Safe Harbor scheme to ensure that it adequately served the purpose of preserving EU citizens’ data protection right when that data was transmitted to the United States. Late last year, the EC issued a report concerning the operation of Safe Harbor and offered a number of recommendations to strengthen it.

The EC recommended that companies using the Safe Harbor process to self-certify compliance with the Data Privacy Directive be required to publicly disclose their privacy policies and include a link on their websites to the DOC list of currently certified members of the Safe Harbor. The company must also require its subcontractors to publish the privacy conditions of the terms of those subcontracting agreements. Those privacy policies should set out the extent to which U.S. law permits authorities to collect data under the Safe Harbor. Recognizing that arbitration and mediation are effective means of resolving disputes between consumer and companies, the EC also suggested changes to the already-existing requirement that companies must create a readily available and affordable mechanism for dealing with individual complaints, including a system of alternative dispute resolution (ADR) by an independent third party.

To continue reading about ADR Provisions of EU Privacy Laws, please read the full article from Law.com by clicking here.

EXPLORE MORE ON THESE TOPICS

Disclaimer:

This page is for general information purposes. JAMS makes no representations or warranties regarding its accuracy or completeness. Interested persons should conduct their own research regarding information on this website before deciding to use JAMS, including investigation and research of JAMS neutrals. See More

RELATED STORIES

Disclaimer

This website is not a solicitation for business. All content on the JAMS website is intended to provide general information about JAMS and an opportunity for interested persons to contact JAMS. The content of this website is not offered as legal advice or legal opinion and it should not be relied upon for any specific situation.  JAMS neutrals are not engaged in the practice of law and no attorney client relationship is intended.  This website is for informational purposes only and does not constitute a complete description of JAMS services. While JAMS endeavors to keep the information updated and correct, JAMS makes no representations or warranties of any kind, express or implied, about the completeness, accuracy, or reliability of the information contained in this website. 

SEE MORE

© 2025 JAMS. All rights reserved.

Scroll to top