Last year, the “Safe Harbor” overseas data security laws that governed any and all digital interaction in and out of the EU when involved the US, especially in light of Edward Snowden’s discoveries, was declared outdated and invalid by European authorities. The European Union and the US Department of Commerce worked hand in hand to create an alternative to those outdated laws. Called “Privacy Shield”, the new legal framework is built to provide a greater minimum standard of security, more accountability, and to add in some recourse for those who find their data compromised on the way over the ocean. As of Monday, Google has submitted their official application to the US Department of Commerce to be counted among tech firms that are fully compliant with the new laws, joining big names like Microsoft.
While Google and Alphabet at large have been complying fully with the new laws since their inception back in July of this year, companies hoping to attain the status of officially compliant have to not only walk the walk, but also talk the talk; they must submit a formal application, which will prompt authorities to review their products, services, and transmissions to ensure compliance. Only at this point is a company’s compliance with the act certified and official.
Google has been one of the biggest supporters of a new framework since the dissolution of the Safe Harbor laws back in October, and had been aiding in figuring out how best to handle enacting new laws since then. Ever since the official unveiling of Safe Harbor back in July, Google has been complying with all of the new guidelines, and publicly declared as much. In a climate rife with privacy controversies and a raging dispute over encryption and backdoors, they were even bold enough to state that they will cooperate fully in all investigations launched in compliance with the new laws. Full compliance not only means ensuring that their transmissions are up to snuff, but also declaring compliance within products’ privacy policies, and giving users a link to review the terms of Privacy Shield for themselves, along with a way to lodge complaints and request investigations. Essentially, companies that claim compliance and do not deliver open themselves up to litigation on a private level and with authorities, meaning that Google vying for official status is a big commitment.