
    Three Key Takeaways From the Newly Adopted EU-US Data Privacy Framework You Need To Know

    On July 10th, the EU Commission adopted an adequacy decision for the proposed EU-U.S. Data Privacy Framework. This is exciting news for organizations, as many have been stuck in privacy “limbo” since the previous EU-U.S. data transfer mechanism, Privacy Shield, was annulled following court challenges by privacy activist Max Schrems.

    The Privacy Shield mechanism was struck down by EU courts because it did not provide enough protections for EU residents against United States surveillance laws and executive orders, namely FISA 702, Executive Order 12333, and the CLOUD Act.

    The new framework seeks to address those issues to ensure that EU resident data is protected and that citizens have appropriate legal mechanisms to address any non-compliance with the safeguards required by the new framework.

    So what are the key takeaways for the new framework?

    1. Organizations now have a legal mechanism to transfer data from the EU to the U.S. without having to put a patchwork of data transfer mechanisms in place, namely Standard Contractual Clauses and Binding Corporate Rules, which can be burdensome for organizations to manage at scale. Organizations will be able to self-certify to the new mechanism, and the approved certification will be considered an attestation to compliance with the data protection requirements of the EU Commission.
    2. The United States government established a new executive order that provides protections for EU resident data that is being transferred to the United States. These include limited access to EU data by U.S. intelligence agencies, the implementation of a new redress mechanism, and the establishment of the Data Protection Review Court. Establishing these key protections was crucial to bringing the new EU-US Data Privacy Framework to fruition.
    3. The new Framework is based on a set of core data protection principles, such as transparency of data processing, the right to data access, and purpose limitation. These are not new to the privacy community; however, organizations will need to ensure that their privacy programs include these principles and comply with them accordingly.

    The question still remains: will the new framework usher in a new era of data protection and continued flows of data from the EU to the U.S., or will it be another mechanism that is challenged in court and struck down in a few years’ time? In our opinion, no mechanism comes without its faults; however, this is a great step up from the previous iterations and provides significantly more protections for EU resident data processed in the United States.

    At KnowBe4, we are committed to privacy and security and will be committing to the new EU-U.S. Data Privacy Framework as soon as it becomes generally available for organizations to certify. We will continue to monitor its developments to ensure that we are up to date with any new requirements imposed by the EU Commission or other regulatory body.

