So,
Nobody is currently bothering to police the agreement. Sounds effective.
The first annual review of the Privacy Shield agreement that governs transatlantic data flows has come back with a solid, unsurprising mark of "adequate". The agreement – which rose from the ashes of the Safe Harbour framework that was ruled invalid after being challenged by privacy activist Max Schrems – aims to protect …
"But when they make the ombudsperson's job permanent then he/she will have total power over the US intelligence agencies"
Naturally! They'll get entrusted with a very serious-looking briefcase with an even more serious-looking Big Red Switch labelled "Snooping ON/OFF". It might even require multiple simultaneously inserted keys! There will be no antenna, of course, no need - it all works by, uh, quantum entanglement...
Yep. Although our production manager was a stickler for detail and our terminals passed on the first try, the TÜV examiner said most devices need at least one re-test before they get official certification.
Most big players get things properly certified straight away, because they need to have external certification in order to sell into many businesses. But for small production runs, it adds a large expense to the cost of the device - excluding your own time and destruction testing of devices, the certification process can quickly run into five figures.
We also did a TÜVit system security certification for one of our IT systems, that was also very interesting.
Jourová said that "so far there have been practically no complaints", so another clear answer, is that a yes or no, that the US 3 letter agencies have behaved and haven't intercepted data illegally or US companies given it away freely or under a gagging order ?
Try not to read too much into this.
The average schmo knows nothing, or next to nothing about it, so doesn't complain.
The TLAs and US companies are mostly content, with their only complaint being; "We're not quite getting 100% of the data!"