JAMS Privacy Shield Dispute Resolution
EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks
JAMS is available to serve as your organization’s designated ADR provider and to assist in resolving disputes under U.S. Department of Commerce (DOC)-administered Privacy Shield Frameworks self-certification privacy compliance programs, up to the point of any final arbitration invoked in accordance with the procedures and conditions set forth in the EU-U.S. Privacy Shield Framework and/or the Swiss-U.S. Privacy Shield Framework. With a panel of over 400 neutrals around the world, JAMS specializes in resolving disputes of all sizes and levels of complexity and our neutrals have significant experience resolving issues involving privacy.
What are the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks?
The EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce (DOC) and the European Commission and Swiss Government to provide organizations on both sides of the Atlantic with a mechanism to comply with EU and Swiss data protection requirements when transferring personal data from the European Union (EU) to the United States and from Switzerland to the United States in support of transatlantic trade. On July 12, 2016 the European Commission announced the approval of the EU-U.S. Privacy Shield Framework, as a valid mechanism to comply with EU data protection requirements when transferring personal data from the EU to the United States. And, on January 12, 2017 the Swiss government announced the approval of the Swiss-U.S. Privacy Shield Framework as a valid mechanism to comply with Swiss data protection requirements when transferring personal data from Switzerland to the United States.
On July 16, 2020, the Court of Justice of the European Union issued a judgment declaring as “invalid” the European Commission’s Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield. As a result of that decision, the EU-U.S. Privacy Shield Framework is no longer a valid mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States. That decision does not relieve participants in the EU-U.S. Privacy Shield of their obligations under the EU-U.S. Privacy Shield Framework. On September 8, 2020 the Federal Data Protection and Information Commissioner (FDPIC) of Switzerland issued an opinion concluding that the Swiss-U.S. Privacy Shield Framework does not provide an adequate level of protection for data transfers from Switzerland to the United States pursuant to Switzerland’s Federal Act on Data Protection (FADP). As a result of that opinion, organizations wishing to rely on the Swiss-U.S. Privacy Shield to transfer personal data from Switzerland to the United States should seek guidance from the FDPIC or legal counsel. That opinion does not relieve participants in the Swiss-U.S. Privacy Shield of their obligations under the Swiss-U.S. Privacy Shield Framework. The DOC will continue to administer the Privacy Shield program, including processing submissions for self-certification and re-certification to the Privacy Shield Frameworks and maintaining the Privacy Shield List. (see https://www.privacyshield.gov/NewsEvents).
To join the Privacy Shield Frameworks, which are administered by the International Trade Administration (ITA) within the DOC, a U.S.-based organization will be required to self-certify to the DOC and publicly commit to comply with the respective Frameworks’ requirements. While joining either of these DOC-administered programs is voluntary, once an eligible organization makes the public commitment to comply with the respective Frameworks’ requirements, the commitment will become enforceable under U.S. law. All organizations interested in joining one or both of these DOC-administered programs should review the requirements in their entirety. The DOC’s Privacy Shield website provides useful information regarding the benefits and requirements of participation in these programs. U.S. Department of Commerce's Privacy Shield Frameworks Website
Requirements for System of Alternative Dispute Resolution (ADR)
U.S.-based organizations that self-certify their compliance under the Privacy Shield Frameworks must, amongst other things, provide readily available recourse mechanisms available to investigate unresolved complaints, including a system of alternative dispute resolution (ADR) by an independent third party. The independent recourse mechanisms must be in place prior to self-certification, and must be available at no cost to the individual. Although organizations self-certifying under either Privacy Shield Framework may utilize private sector developed dispute resolution programs for most categories of personal data covered under their self-certifications, those organizations covering human resources data (i.e., personal information about employees, past or present, collected in the context of the employment relationship) transferred from the EU or Switzerland must agree to cooperate and comply with the EU data protection authorities (DPAs) and Swiss Federal Data Protection and Information Commissioner respectively with regard to such data. Connect with us to learn more about JAMS serving as your organization's designated ADR provider.
Mediation Rules
Mediations will be conducted pursuant to JAMS International Mediation Rules unless the parties have specified a different set of Rules or Procedures. Download the JAMS International Mediation Rules.
Fees
JAMS DOES NOT charge any fees for an organization to name it as an ADR provider. If an organization names JAMS as its ADR provider under the EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield, we request that you notify JAMS by completing this registration form.
When a consumer initiates a mediation or an arbitration against an organization (whether under JAMS Rules or another set of rules) all fees for the mediation, including the JAMS Case Management Fee, must be borne by the Organization. The fee arrangement is common to all Privacy Shield cases for the European Union and Switzerland. For any other matters, standard JAMS policies apply. Download the JAMS Privacy Shield Fee Schedule.
Name JAMS as Your Dispute Resolution Provider
If you wish to name JAMS as your Dispute Resolution provider under the EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield Frameworks, please register using the link below.
Customer URL
The URL you will need to provide to your customers to open an EU-U.S. Privacy Shield or Swiss-U.S. Privacy Shield case is: https://www.jamsadr.com/eu-us-privacy-shield
File a Claim
If you are a consumer and wish to open an EU-U.S. Privacy Shield or a Swiss-U.S. Privacy Shield case, please file a claim using the link below.
Additional Resources
Questions/Contact
If you have any additional questions you may contact our Privacy Shield coordinator via email.
- Mara Satterthwaite, msatterthwaite@jamsadr.com
Privacy Shield Core Documents
- EU-U.S. Privacy Shield Framework - Adequacy Decision
- EU-U.S. Privacy Shield Framework - Annexes
- U.S. Department of Commerce - Privacy Shield Full Text
Name JAMS as Your Dispute Resolution Provider
If you wish to name JAMS as your Dispute Resolution provider under the EU-U.S. Privacy Shield program or the Swiss-U.S. Privacy Shield program, please register using the link below.
Preview Registration Form (PDF) ›
File a Claim
If you are a consumer and wish to open an EU-U.S. Privacy Shield or Swiss-U.S. Privacy Shield case, please file a claim using the link below.
Contact Information
- Mara E. Satterthwaite, Esq.
msatterthwaite@jamsadr.com - JAMS
3800 Howard Hughes Parkway, 11th Floor
Las Vegas, NV 89169
