Episerver on EU-US Privacy Shield

From our European roots, Episerver has always held a commitment to data protection and privacy. With the new EU-U.S. Privacy Shield framework, which the European Commission announced on July 12, Episerver will adopt another safeguard to benefit our customers and our industry as a whole.

The protection of Europeans’ personal data is a fundamental right, and this new high standard will help drive global initiatives for our customers in the areas of cloud, marketing, content management and e-commerce.

With a global presence and our headquarters in the U.S., Episerver believes that privacy values are imperative regardless of where you are in the world. Privacy Shield is an important achievement for the privacy rights of citizens across Europe, and for companies with data distributed and transmitted internationally. The U.S. and other countries will also benefit from these data privacy and protection guidelines.

Privacy Shield finally gives all of us legal guidance on data flows between Europe and the U.S., following the repudiation of the Safe Harbor Privacy Principles. Privacy Shield provides new rules for data retention and the onward transfer of data, which gives data protection authorities more power. It also establishes an independent oversight body, which in turn should limit data collection practices by U.S. security agencies. Most importantly, the new rules give Europeans a path for redress should Privacy Shield be breached.

Privacy Shield is a living framework with an annual review clause. It can and will evolve over time, adapting to changes in data practices, technology, and privacy laws. Our customers, our partners and Episerver itself will all benefit from this legal doctrine. It emulates our own software, by delivering an industrially stable framework, with flexibility built in. Privacy Shield reflects that laws must evolve just as quickly as technology does.

Privacy Shield provisions will also be extended to alternative data transfer mechanisms, such as EU Model Clauses, which we adopt with many of our cloud-based customers.

I am happy to announce that Episerver will start the process of implementing Privacy Shield requirements and sign up to the new framework as soon as practically possible. It is in all of our collective interests to ensure that Privacy Shield be implemented rapidly and rigorously.

Episerver firmly believes in strong privacy protection, and welcomes any mandate or change that further drives that initiative. We all share common privacy values and goals, as part of our on-going commitment to our customers, partners and Episerver’s continued growth.