Recently, the European Commission and the US Government agreed on a new framework called the EU-US Privacy Shield, and on July 12, the European Commission formally adopted it. Amazon Web Services (AWS) welcomes this new framework for transatlantic data flow.
As the EU-US Privacy Shield replaces Safe Harbor, we understand many of our customers have questions about what this means for them. The security of our customers’ data is our number one priority, so I wanted to take a few moments to explain what this all means.
The new EU-US Privacy Shield does not impact AWS customers for two reasons. First, customers using AWS have full control of the movement of their data and have always had the choice of the region in which their data is kept. AWS customers choose the AWS region where their data will be stored and can be assured that their data will remain there unless moved by them. Second, for customers who wish to transfer personal data from an AWS region in the European Economic Area (EEA) to one in another part of the world, including the US, AWS customers can do this in compliance with EU data protection law under the terms of the AWS Data Processing Addendum with Model Clauses, which was approved in 2015 by the EU data protection authorities (called the Article 29 Working Party). These options are available to all AWS customers who are processing personal data, whether they are established in, or a global company operating in, the EEA.
Additionally, Amazon.com, Inc. is taking the necessary steps to certify under the EU-US Privacy Shield (as of August 1, companies can begin the process of certifying themselves against it). Upon completion of this process, AWS will be covered under this certification.Read More →