After 20 years of relative calm regarding the possession and transfer of personal information data of EU citizens to companies in the United States, events over the past six months have not just overturned the proverbial applecart but the entire produce section as well. And although the resolution of this recent mayhem has not yet come full circle, the general contour of that circle’s circumference has started to form due to events that occurred last month.
EU Directive
A brief historical perspective is helpful to fully appreciate the significance and enormity of the events of the past six months, especially for those not well-versed in this area of privacy law and regulation. In 1995, the European Commission, a collection of representatives from the EU countries (most often referred to as “member states”), issued the EU Data Protection Directive (often cited as Directive 95/46/EU) which, at the time, revolutionized the concept of personal information data protection.