MORGES, Switzerland, September 28, 2016 – CA Technologies (NASDAQ: CA) today announced it has submitted its EU-US Privacy Shield self-certification to the US Department of Commerce. This will ensure that CA Technologies can transfer data between the EU and US under the Privacy Shield, in addition to other existing legal mechanisms. CA Technologies was an active participant in the discussions leading up to the announcement of the Privacy Shield framework.
International data transfers are crucial in today’s application economy. “Innovation and data don’t stop at the borders. With the Internet of Things and other communication-intensive innovations, our customers need to transfer data on a daily basis as a matter of necessity,” said Otto Berkes, chief technology officer, CA Technologies. “An essential component is trust among technology service providers, customers and regulators. Having legal certainty and a stable framework for innovation is essential.”
Different mechanisms currently exist under EU law to transfer data outside of the EU. One such mechanism, Binding Corporate Rules (BCRs), require robust and extensive internal controls and procedures, and as a result CA Technologies is one of only a handful of technology companies that has developed BCRs. “This further assures our customers that we apply the highest standards to their data,” according to general counsel Michael Bisignano.
“Legal challenges to the Privacy Shield framework are a possibility,” says Bisignano. “While other organizations may choose to delay until there is greater certainty, we strongly believe that our early investment in the Privacy Shield is the right one. Our commitment to the Privacy Shield is the best way available to demonstrate a commitment to protecting our customers’ data and further promote trust among all constituencies.”