Israel’s Privacy Protection Authority on September 29, declared that cross-border data transfers between Israel and the US can no longer rely on the EU-US Privacy Shield, which was a a cross-border data transfer agreement between the EU and US, and was struck down by the European Court of Justice in July. How Israel used Privacy Shield: Israel’s privacy laws allow for the transfer of data from Israel to countries that are party to a European Convention, or countries that receive data from other EU countries. Since the Privacy Shield basically allowed the US to receive Europeans’ data, by extension Israel’s privacy laws allowed for the transfer of data to the US. What is Privacy Shield, and why it was struck down: To understand why Privacy Shield was adopted, and later struck down, one has to go back two decades and start at the beginning of how the transfer of data between EU and US has been governed. Here's a timeline of how the Privacy Shield was formed and later struck down: Between 2000 and 2015, companies sending data from EU to the US had to adhere to a set of principles known as “Safe Harbor”, meaning that US companies could transfer Europeans’ data to their country as long as they ensured adequate levels of data protection. However, “Safe Harbor” was challenged in 2013 after whistleblower Edward Snowden’s revelations that the US was involved in large scale surveillance of its citizens. In October 2013, Maximilian Schrems, an Austrian, filed a complaint against Facebook…
