Connect with us


What U.S. companies should consider following the bombshell EU Privacy Shield ruling



Our mission to help you navigate the new normal is fueled by subscribers. To enjoy unlimited access to our journalism, subscribe today.

If you’re an American company with European users or customers, and you transfer their personal data to the U.S. for company use, you need to be aware of what just went down at the EU’s top court today.

That’s because the Court of Justice (CJEU) just made a huge ruling. The upshot: it’s possible you will no longer be able to serve people in the EU—if not now, then in the not-too-distant future.

You can read our full story on that ruling separately, but here’s a quick run through the implications. And again, those implications could be immediate, depending on your circumstances.

Privacy Shield

U.S. companies using Europeans’ personal data need some sort of legal justification for doing so. That’s because the U.S. lacks an EU-strength federal privacy law (or indeed any comprehensive federal privacy law at all.)

By far the easiest way to keep things legal was to sign up to the so-called Privacy Shield register—essentially, self-certifying that the company will stick to EU rules. This register was created under a trans-Atlantic deal of the same name, struck between the U.S. and EU in 2016.

That deal is now dead. The CJEU on Thursday cancelled it with immediate effect, basically for two reasons: it didn’t stop U.S. intelligence from poking around companies’ data even if they were on the list; and there was no effective way for EU citizens to file a complaint about this in the U.S.

The U.S. Department of Commerce reacted by indicating it would be, in a sense, business as usual. In a statement expressing disappointment with the ruling, the department said it would “continue to administer the Privacy Shield program, including processing submissions for self-certification and re-certification to the Privacy Shield Frameworks and maintaining the Privacy Shield List.”

“Today’s decision does not relieve participating organizations of their Privacy Shield obligations,” it added.

The Europeans beg to differ. To paraphrase Monty Python’s Dead Parrot sketch, Privacy Shield has passed on; it has kicked the bucket; it has shuffled off its mortal coil, run down the curtain and joined the bleeding choir invisible. It is an ex-agreement.

So you can continue to abide by the register’s obligations—essentially, respecting EU privacy law as best you can—but that no longer means your EU-U.S. data transfers are legal in European eyes. Which was the whole point of the register to start with.

(There may still be a legal reason to keep those promises over in the U.S., though. “Companies that have made privacy promises under Privacy Shield could be subject to enforcement for deceptive practices if they do not live up to those privacy promises,” said Peter Swire, a senior counsel at law firm Alston & Bird.)

Eline Chivot, senior policy analyst at the Center for Data Innovation, described the impact well in a statement Thursday: “The decision delivers a severe blow to the operations of over 5,000 European and American companies who use the EU-U.S. Privacy Shield as the legal basis for transatlantic data transfers. It will immediately upend, and in many cases even halt, data transfers between the EU and the United States, leaving many businesses with no suitable alternative.”

Standard contractual clauses

But what if Privacy Shield isn’t your only legal basis for those transfers?

Some U.S. companies such as Facebook (the firm involved in this particular case) and Microsoft have for years also been relying on a mechanism called “standard contractual clauses,” or SCCs. These are, as the name suggests, oven-ready clauses that the European Commission wrote, again outlining a range of rights and responsibilities in line with the EU’s strict GDPR privacy law.

The court did not strike down SCCs, though it had the option to do so.

It said SCCs were fine in general because an EU privacy regulator can still invalidate them on a case-by-case basis if a company is breaking the clauses’ terms or is unable to stick to them—because, say, it can’t stop the intelligence services back home from conducting mass surveillance on the data.

This is where the striking-down of the Privacy Shield becomes a problem for Facebook and any other big American tech company relying on SCCs to send Europeans’ data over to the U.S.

Although the Snowden revelations of 2013 led to some limited reforms in U.S. surveillance law, Section 702 of the Foreign Intelligence Surveillance Act (FISA) still allows for the mass collection of non-Americans’ personal data from Big Tech firms.

Some in the U.S. argue that surveillance only starts when the agencies actually look at the data—which is a more restricted activity. But the Europeans see surveillance as starting at the point of collection. So in European eyes, the U.S. regularly conducts mass surveillance on Europeans’ data—and there’s nothing the U.S. companies handling that data can do about it.

That’s serious enough to have scuppered Privacy Shield (and its predecessor, Safe Harbor) so it is difficult to see how the SCCs used by a company like Facebook can survive if challenged before an EU privacy authority.

“Although the system of standard contractual clauses will remain in principle and the standard contracts concluded will initially remain in force, they will have to be reviewed and, if necessary, suspended by the data protection authorities in the light of the [CJEU] ruling,” wrote former German data protection chief Peter Schaar in a blog post.

So what now?

Of course, not every American company serving Europeans is a Facebook or Google. If you don’t have U.S. agencies scrutinizing your data under Section 702 of FISA—if, for example, you’re an airline or a retailer—then SCCs could still work for you.

The big difference now is that you’ll first have to convince EU privacy regulators that European customers’ data isn’t subject to surveillance in the U.S.

“Data exporters and importers using the standard contract clauses must verify the level of protection in the [country where the data is going] first.  The importer also has a duty to report any issues to the exporter,” said Tony Vitale, a partner at JMW Solicitors, in a statement.

And if your processing of Europeans’ personal data is “necessary” for the fulfillment of your user contracts—if you’re an email provider handling emails, for example—then that’s also automatically kosher under EU law.

“The court explicitly highlighted that the invalidation of the Privacy Shield will not create a ‘legal vacuum’ as crucially necessary data flows can be still undertaken,” said Max Schrems, the litigant who brought the case, said in a statement after the ruling came through.

But an awful lot of U.S. companies, big and small, are still likely to be flailing around now, looking for a legal solution to a problem that abruptly landed in their laps on Thursday morning.

The only reliable, long-term solution would be changes in U.S. privacy and surveillance law. Expect to see Silicon Valley’s lobbying efforts step up on that front very soon.

More must-read international coverage from Fortune:

Continue Reading


This Platform Uses Analytics to Help You Find the Best Real Estate Investing Opportunities



They say the best investment on Earth is earth, but real estate is a risky business. While it’s undoubtedly a lucrative form of investment, your success isn’t guaranteed unless you play your cards right and study the field with utmost scrutiny.

It pays to have tools that can help you with the process and reap profits, and luckily, there’s one platform that can help you on that front: Mashvisor.

A one-stop site to find traditional or Airbnb properties worth investing in, Mashvisor uses automation to assist you in identifying potential investments within mere minutes. Instead of having you pore over spreadsheets and spend months on tedious research, it leverages technology, real estate data, and analytics to shorten the process to identify the best investment opportunity for you.

Here’s how it works:

Just key in any city of interest, and you’ll immediately receive an overview of the investment opportunities within that area. You’ll get the lowdown on the kind of returns a property will be able to provide, as well as the things you’ll need to do to outperform the rental market. Plus, thanks to the interactive filters available, you’ll also get other pertinent data, including sales history, tax history, market performance, occupancy rates, and many more.

Real estate investing doesn’t have to be tough. For a limited time, you can grab a lifetime subscription to Mashvisor for only $39.99 — 97% off the usual cost of $1,499.


Sponsored content

Continue Reading


Meeting the reskilling challenge



Good morning.

If there is one issue that motivates CEOs at the forefront of the stakeholder capitalism movement, it is training and upskilling. They see the dangerous fissures that exist between the highly educated and the less so—a gap that widened during the pandemic. And they understand that technological change is driving that gap ever wider. While the pandemic, racial injustice and climate change may get more attention from society at large, it’s the reskilling challenge for which CEOs feel most directly responsible.

Deanna Mulligan, who is stepping down as CEO of Guardian Life Insurance at year’s end, is one of those CEOs, and she has put her passion into a new book out next week: Hire Purpose: How Smart Companies Can Close the Skills <em>Gap. I spoke with Mulligan earlier this week, and she told me about her evolution on the issue.

Mulligan joined Guardian in 2008, in the midst of the Great Recession. Guardian “wasn’t wildly impacted by the recession, but I was looking around and seeing so many of my friends losing jobs.” When she became CEO in 2011, she realized a combination of pervasive low interest rates and technological change was going to drive huge disruption for her company and her employees. “I said to myself, I don’t want to be one of those companies that has to turn all these people out on the streets.”

She started a program to teach people in the company’s call centers to write code, teamed with General Assembly to teach actuaries to be data analysts, and developed a program of “train in, train out”—providing two years tuition at a local community college for workers whose jobs were eliminated.

“Companies have an obligation to society to try and do this,” she said. “And it’s less expensive than firing people.” Like a number of her CEO colleagues, she is committed to extending such programs beyond her own employees. “It’s very important that we do this at scale.”

We’ll be talking about this topic more on Monday, at the annual meeting of the Fortune CEO Initiative. Mulligan will be there, along with a great group of CEOs. A partial list: Vas Narasimhan of Novartis, Mark Schneider of Nestle, Aneel Bhusri of Workday, Michelle Gass of Kohl’s, Francesco Starace of Enel, Tiger Tyagarajan of Genpact, Jim Fitterling of Dow, Julie Sweet of Accenture, Enrique Lores of HP, Antonio Neeri of HPE, Kevin Sneader of McKinsey, Joe Ucuzoglu of Deloitte, and Sonia Syngal of Gap. Ford Foundation President Darren Walker also will join, along with two U.S. governors who have been working on the retraining challenge: Maryland’s Larry Hogan and Rhode Island’s Gina Raimondo.

More news below.

Alan Murray

Continue Reading


Debate night was a tamer affair, as are stock markets today



This is the web version of the Bull Sheet, Fortune’s no-BS daily newsletter on the markets. Sign up to receive it in your inbox here.

Happy Friday, Bull Sheeters. There’s still no progress on a stimulus deal, but there’s plenty of economic data, corporate and political news to focus on.

On that note, we’re a mere eleven days to the presidential election. More than 47 million Americans have already voted. That’s a record.

Meanwhile, U.S. futures have been trading sideways all morning. Stock gains have been muted for much of the past two weeks as investors brace for the likeliness there won’t be a stimulus deal before Election Day.

Let’s check in on the action.

Markets update


  • The major Asia indexes were mostly higher in afternoon trading with Japan’s Nikkei up 0.2%.
  • Not long ago Chinese startup Renrenche was a darling, fetching unicorn valuation status and a roster of bluechip investors, including Goldman Sachs. Now it may need to sell its core asset for little more than 1,200 bucks.
  • Goldman Sachs is hoping to finally put the 1MDB bribery scandal behind it after agreeing to pay nearly $3 billion in fines to settle the affair that started a decade ago in Malaysia. The settlement “includes the highest penalty ever under the Foreign Corrupt Practices Act,” Bloomberg reports.


  • The European bourses were flat at the open. And then Germany reported better than expected manufacturing data, lifting the euro and stocks. The Europe Stoxx 600 was up roughly 0.5% two hours into the trading session.
  • Economists now predict the ECB will boost monetary stimulus by a further €500 billion—bringing the total to €1.85 trillion ($2.18 trillion)—as soon as next month to keep the COVID-stricken economy from falling into a deep recession.
  • Daimler shares were up 1.7% in mid-morning trade after the carmaker revised upwards its full-year forecast thanks to solid growth in China.


  • U.S. futures are in the red. That’s after the three major indexes eked out gains yesterday in incredibly volatile trade.
  • In premarket trading, Gilead Sciences shares were up as much as 7% after its remdesivir got FDA approval to treat COVID-19. As Fortune‘s Sy Mukherjee notes, remdesivir is “not a save-all” treatment, but the regulatory approval is significant.
  • Shares in Tesla are flat in pre-market trading after a modest bump yesterday. Investors cheered the latest profit beat, but doubts linger over whether that will be enough to vault the EV maker into the S&P 500.
  • Looking ahead: we get the latest batch of manufacturing data before the bell. Let’s see if it can match today’s rosy German numbers.


  • Gold is up, trading just above $1,910/ounce.
  • The dollar is down.
  • Crude is down. Brent continues to trade just above $42/barrel.


By the numbers


We don’t talk often about Bitcoin and its ilk here on Bull Sheet, if only because there’s so much to say about equities and other asset classes. But cryptocurrencies are on a tear at the moment, and worth talking about today. Yesterday, Bitcoin hit a 16-month high, topping $13,100, after PayPal announced it would let users buy a handful of cryptocurrencies, including Ethereum and Bitcoin. As Fortune‘s Bitcoin specialist Jeff John Roberts notes, “Bitcoin is notoriously volatile (though considerably less so than during its early days), and it is often hard to identify single factors that explain price swings. While this week’s surge was almost certainly spurred in large part by the PayPal news, there may be other tailwinds driving the price up.” One theory is that investors are souring on the gold trade, and hopping on the crypto bull run.


The Dow Jones Industrial Average closed yesterday at 28363.66—that’s a loss of 130.54 points (-0.4%) over the past five trading days. The stimulus rally continues to show signs of running out of gas. The three major exchanges have been trading in a tight range for much of the past two weeks—going sideways.

5 vs. 495

We’ve talked a lot here about the incredible 2020 bull run for the S&P Five, a.k.a., the FAAMG—Facebook, Apple, Amazon, Microsoft, Google—stocks. Their dominance appears locked in for quarters—and perhaps years—to come as they are not just out-growing the pack, they’re also out-investing the pack. According to Goldman Sachs, the cash-rich FAAMG quintet have a sizable edge in Capex and R&D spending, suggesting they’re sinking big sums into longterm bets while the laggards pull back. It also helps that FAAMG stocks are well ahead in plowing cash into buybacks and dividends, helping driving up their stock prices.


Have a nice weekend, everyone. I’ll see you here on Monday. 

Bernhard Warner

As always, you can write to or reply to this email with suggestions and feedback.

Continue Reading


Copyright © 2020 Black Biz Daily News