[Federal Register Volume 86, Number 142 (Wednesday, July 28, 2021)]
[Notices]
[Pages 40463-40465]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-16019]


-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE

International Trade Administration


Agency Information Collection Activities; Submission to the 
Office of Management and Budget (OMB) for Review and Approval; Renewal 
of Information Collection; Comment Request; Swiss-U.S. Privacy Shield; 
Invitation for Applications for Inclusion on the Supplemental List of 
Arbitrators

AGENCY: International Trade Administration, U.S. Department of 
Commerce.

ACTION: Notice of information collection, request for comment.

-----------------------------------------------------------------------

SUMMARY: The Department of Commerce, in accordance with the Paperwork 
Reduction Act of 1995 (PRA), invites the general public and other 
Federal agencies to comment on proposed, and continuing information 
collections, which helps us assess the impact of our information 
collection requirements and minimize the public's reporting burden. The 
purpose of this notice is to allow for 60 days of public comment 
preceding submission of the collection to OMB.

DATES: To ensure consideration, comments regarding this proposed 
information collection must be received on or before September 27, 
2021.

ADDRESSES: Interested persons are invited to submit written comments by 
email to Towanda Carey, ITA Paperwork Clearance Officer, Department of 
Commerce, International Trade Administration at [email protected]. 
Please reference OMB Control Number 0625-0278 in the subject line of 
your comments. Do not submit Confidential Business Information or 
otherwise sensitive or protected information.

FOR FURTHER INFORMATION CONTACT: Requests for additional information or 
specific questions related to collection activities should be directed 
to David Ritchie, Senior Policy Advisor, Department of Commerce, 
International Trade Administration via email at 
[email protected], or tel. 202-482-1512. More information on the 
arbitration mechanism may be found at https://www.privacyshield.gov/servlet/servlet.FileDownload?file=015t000000079Gr.

SUPPLEMENTARY INFORMATION:

I. Abstract

    The Swiss-U.S. Privacy Shield Framework was designed by the U.S. 
Department of Commerce (Department) and the Swiss Administration to 
provide companies in both Switzerland and the United States with a 
mechanism to comply with data protection requirements when transferring 
personal data from Switzerland to the United States in support of 
transatlantic commerce. On January 12, 2017, the Swiss Administration 
deemed the Swiss-U.S. Privacy Shield Framework adequate to enable data 
transfers under Swiss law, and on April 12, 2017, the Department began 
accepting self-certifications from U.S. companies to join the program 
(82 FR 16375; April 12, 2017).
    On September 8, 2020 the Federal Data Protection and Information 
Commissioner (FDPIC) of Switzerland issued an opinion concluding that 
the Swiss-U.S. Privacy Shield Framework does not provide an adequate 
level of protection for data transfers from Switzerland to the United 
States pursuant to Switzerland's Federal Act on Data Protection (FADP). 
As a result of that opinion, organizations wishing to rely on the 
Swiss-U.S. Privacy Shield to transfer personal data from Switzerland to 
the United States should seek guidance from the FDPIC or legal counsel. 
That opinion does not relieve participants in the Swiss-U.S. Privacy 
Shield of their obligations under the Swiss-U.S. Privacy Shield 
Framework. The Department continues to administer the Privacy Shield 
program while those

[[Page 40464]]

discussions proceed. For more information on the Privacy Shield, visit 
https://www.privacyshield.gov/welcome.
    As described in Annex I of the Swiss-U.S. Privacy Shield Framework, 
the Department and the Swiss Administration committed to implement an 
arbitration mechanism to provide Swiss individuals with the ability to 
invoke binding arbitration to determine, for residual claims, whether 
an organization has violated its obligations under the Privacy Shield. 
Organizations voluntarily self-certify to the Swiss-U.S. Privacy Shield 
Framework and, upon certification, the commitments the organization has 
made to comply with the Swiss-U.S. Privacy Shield Framework become 
legally enforceable under U.S. law. Organizations that self-certify to 
the Swiss-U.S. Privacy Shield Framework commit to binding arbitration 
of residual claims if a Swiss individual chooses to exercise that 
option. Under the arbitration option, a Privacy Shield Panel 
(consisting of one or three arbitrators, as agreed by the parties) has 
the authority to impose individual-specific, non-monetary equitable 
relief (such as access, correction, deletion, or return of the Swiss 
individual's data in question) necessary to remedy the violation of the 
Swiss-U.S. Privacy Shield Framework only with respect to the 
individual. The parties will select the arbitrators from the list of 
arbitrators described below.
    The Department and the Swiss Administration seek to maintain a list 
of up to five arbitrators to supplement the list of arbitrators 
developed under the EU-U.S. Privacy Shield Framework.\1\ To be eligible 
for inclusion on the supplemental list, applicants must be admitted to 
practice law in the United States and have expertise in both U.S. 
privacy law and European or Swiss data protection law. Applicants shall 
not be subject to any instructions from, or be affiliated with, any 
Privacy Shield organization, or the U.S., Switzerland, EU, or any EU 
Member State or any other governmental authority, public authority or 
enforcement authority.
---------------------------------------------------------------------------

    \1\ On July 16, 2020, the Court of Justice of the European Union 
(CJEU) issued a judgment declaring as ``invalid'' the European 
Commission's decision on the adequacy of the protection provided by 
the EU-U.S. Privacy Shield and as a result the EU-U.S. Privacy 
Shield Framework is no longer a valid mechanism to comply with EU 
data protection requirements when transferring personal data from 
the European Union to the United States. That judgment does not 
relieve participants in the EU-U.S. Privacy Shield of their 
obligations under the EU-U.S. Privacy Shield Framework. The 
Department and the Commission are discussing the potential for an 
enhanced EU-U.S. Privacy Shield Framework to comply with the July 
16, 2020 judgment by the CJEU. The Department continues to 
administer the Privacy Shield program while those discussions 
proceed. For more information on the Privacy Shield, visit https://www.privacyshield.gov/welcome.
---------------------------------------------------------------------------

    The Department previously requested and obtained approval of this 
information collection (OMB Control No. 0625-0278), which expires on 
10/31/2021, and now seeks renewal of this information collection. 
Although the Department is not currently seeking additional 
applications, it may do so in the future as appropriate.
    To be considered for inclusion on the Swiss-U.S. Privacy Shield 
Supplemental List of Arbitrators, eligible individuals will be 
evaluated on the basis of independence, integrity, and expertise:

Independence
    --Freedom from bias and prejudice.
Integrity
    --Held in the highest regard by peers for integrity, fairness and 
good judgment.
    --Demonstrates high ethical standards and commitment necessary to 
be an arbitrator.
Expertise Required:
    --Admission to practice law in the United States.
    --Level of demonstrated expertise in U.S. privacy law and European 
or Swiss data protection law.
Other expertise that may be considered includes any of the following:
    --Relevant educational degrees and professional licenses.
    --Relevant professional or academic experience or legal practice.
    --Relevant training or experience in arbitration or other forms of 
dispute resolution.

    Evaluation of applications for inclusion on the list of arbitrators 
will be undertaken by the Department and the Swiss Administration. 
Selected applicants will remain on the list for a period of three 
years, absent exceptional circumstances; change in eligibility, or for 
cause, renewable for one additional period of three years.
    The Department selected the International Centre for Dispute 
Resolution-American Arbitration Association (ICDR-AAA) as administrator 
for Privacy Shield arbitrations brought under either the EU-U.S. 
Privacy Shield Framework or the Swiss-U.S. Privacy Shield Framework. 
Among other things, the ICDR-AAA facilitates arbitrator fee 
arrangements, including the collection and timely payment of arbitrator 
fees and other expenses.
    Arbitrators are expected to commit their time and effort when 
included on the Swiss-U.S. Privacy Shield Supplemental List of 
Arbitrators and to take reasonable steps to minimize the costs or fees 
of the arbitration.
    Arbitrators are subject to a code of conduct consistent with Annex 
I of the Swiss-U.S. Privacy Shield Framework and generally accepted 
ethical standards for arbitrators. The Department and the Swiss 
Administration agreed to adopt an existing, well-established set of 
U.S. arbitral procedures to govern the arbitral proceedings, subject to 
considerations identified in Annex I of the Swiss-U.S. Privacy Shield 
Framework, including that materials submitted to arbitrators will be 
treated confidentially and will only be used in connection with the 
arbitration. For more information, please visit https://www.privacyshield.gov/article?id=G-Arbitration-Procedures where you can 
find information on the arbitration procedures. (Please note that the 
Arbitration procedures apply to both the EU-U.S. Privacy Shield 
Framework and the Swiss-U.S. Privacy Shield Framework)

Applications

    Applications must be typewritten and should be headed ``Application 
for Inclusion on the Swiss-U.S. Privacy Shield Supplemental List of 
Arbitrators.'' Applications should include the following information, 
and each section of the application should be numbered as indicated:

--Name of applicant.
--Address, telephone number, and email address.
1. Independence
    --Description of the applicant's affiliations with any Privacy 
Shield organization, or the U.S., Switzerland, any EU Member State or 
any other governmental authority, public authority, or enforcement 
authority.
2. Integrity
    --On a separate page, the names, addresses, telephone, and fax 
numbers of three individuals willing to provide information concerning 
the applicant's qualifications for service, including the applicant's 
character, reputation, reliability, and judgment.
    --Description of the applicant's willingness and ability to make 
time commitments necessary to be an arbitrator.
3. Expertise
    --Demonstration of admittance to practice law in the United States.
    --Relevant academic degrees and professional training and 
licensing.
    --Current employment, including title, description of 
responsibility, name and address of employer, and

[[Page 40465]]

name and telephone number of supervisor or other reference.
    --Employment history, including the dates and addresses of each 
prior position and a summary of responsibilities.
    --Description of expertise in U.S. privacy law and European or 
Swiss data protection law.
    --Description of training or experience in arbitration or other 
forms of dispute resolution, if applicable.
    --A list of publications, testimony, and speeches, if any, 
concerning U.S. privacy law and European or Swiss data protection law, 
with copies appended.

II. Method of Collection

    As stated above, the Department is not currently seeking additional 
applications, but may do so in the future as appropriate. The 
Department previously requested and obtained approval of this 
information collection (OMB Control No. 0625-0278), which expires on 
10/31/2021, and now seeks renewal of this information collection. 
Future applications would be submitted to the Department by email. More 
information on the arbitration mechanism may be found at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

III. Data

    OMB Control Number: 0625-0278.
    Form Number(s): None.
    Type of Review: Regular submission, revision of a current 
information collection.
    Affected Public: Private individuals.
    Estimated Number of Respondents: 20.
    Estimated Time per Response: 240 minutes.
    Estimated Total Annual Burden Hours: 80.
    Estimated Total Annual Cost to Public: $0.
    Respondent's Obligation: Required to obtain or retain benefits.
    Legal Authority: The Department's statutory authority to foster, 
promote, and develop the foreign and domestic commerce of the United 
States (15 U.S.C. 1512).

IV. Request for Comments

    We are soliciting public comments to permit the Department/Bureau 
to: (a) Evaluate whether the proposed information collection is 
necessary for the proper functions of the Department, including whether 
the information will have practical utility; (b) Evaluate the accuracy 
of our estimate of the time and cost burden for this proposed 
collection, including the validity of the methodology and assumptions 
used; (c) Evaluate ways to enhance the quality, utility, and clarity of 
the information to be collected; and (d) Minimize the reporting burden 
on those who are to respond, including the use of automated collection 
techniques or other forms of information technology.
    Comments that you submit in response to this notice are a matter of 
public record. We will include or summarize each comment in our request 
to OMB to approve this information collection request (ICR). Before 
including your address, phone number, email address, or other personal 
identifying information in your comment, you should be aware that your 
entire comment--including your personal identifying information--may be 
made publicly available at any time. While you may ask us in your 
comment to withhold your personal identifying information from public 
review, we cannot guarantee that we will be able to do so.

Sheleen Dumas,
Department PRA Clearance Officer, Office of the Chief Information 
Officer, Commerce Department.
[FR Doc. 2021-16019 Filed 7-27-21; 8:45 am]
BILLING CODE 3510-DS-P