The EU – US Privacy Shield was a legal framework for regulating transatlantic exchanges of personal data to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements. Its main purpose was to enable US companies to receive personal data from EU entities without violating EU privacy laws, such as GDPR, and protecting European Union citizens. The EU–US Privacy Shield went into effect on 12 July 2016 after it was approved by the European Commission.

However, the European Court of Justice announced that the EU – US Privacy Shield became invalid on 16 July 2020. As a result of that decision, the EU – US Privacy Shield framework is no longer valid to comply with EU data protection requirements when transferring personal data from the EU to the United States.

On 25 March 2022, the leaders of the US and EU announced a new data transfer framework called the Trans-Atlantic Data Privacy Framework (TADPF). The new framework would allow EU citizens to pursue data privacy violations through a new Data Protection Review Court. A final version of the TADPF is expected to be available by the end of 2022.

Read CookieScript privacy laws to follow up with the latest privacy regulations and be informed when TADPF will become active.