When the European Court of Justice first invalidated the Safe Harbor we recommended here that, for most companies, staying the course by implementing general data security best practices was probably the right thing to do until the situation in the European Union stabilized.
As of last week, that interregnum in transatlantic data transfer law has ended. The EU and US governments finally signed the Privacy Shield as a replacement for the old Safe Harbor regime. Companies must now decide whether to adopt the Shield, pick up one of the weighty swords that are the other compliance methods, or plough ahead doing nothing new, waiting to see if Schrems and his supporters challenge the new arrangement as they did the old one.
Please see full publication below for more information.