The EU-US Data Privacy Framework (DPF) became effective on July 10, and on the same day, the European Commission adopted an Adequacy Decision relating to the DPF, as a successor of the EU-US Privacy Shield. While only those companies subject to the jurisdiction of either the Federal Trade Commission or the US Department of Transportation are eligible to self-certify their compliance with the DPF, the scope of eligibility is likely to broaden in the future.
Morgan Lewis partner Ronald Del Sesto and special legal consultant Axel Spies, along with associate Jiazhen Guo, recently published a LawFlash on the key requirements for self-certification and obligations for compliance with the DPF.