The European Court of Justice (CJEU) recently dismissed a case brought against the new mechanism for trans-Atlantic data transfers, the EU-U.S. Data Privacy Framework (DPF). Insights work can continue unimpeded as a result.
On September 3, 2025, the CJEU dismissed the case of Latombe v. Commission, “an action for annulment of the new framework for the transfer of personal data between the European Union and the United States.” According to the court, the decision “confirms that, on the date of adoption” of the DPF on July 10, 2023, “the United States of America ensured an adequate level of protection for personal data transferred from the European Union to organisations in that country.”
Had the case moved forward, the DPF would have faced challenges and potential rejection, imperiling insights work, as happened with predecessor agreements (Privacy Shield and Safe Harbor).
A company's self-certification of compliance with the EU-U.S. DPF Principles through the U.S. Department of Commerce and appearance on the public Data Privacy Framework List maintained by Commerce demonstrates to European organizations and consumers a serious commitment on the part of the company to protect personal information in accordance with a set of privacy principles that offer meaningful privacy protections and recourse. Insights companies find this self-certification to be a less-burdensome alternative to the standard contractual clauses (or to no option at all) for legal trans-Atlantic data transfers.
While joining the Insights Association’s DPF Services Program (providing an independent dispute resolution) is voluntary, once an eligible company self-certifies its compliance and makes the public commitment to adhere to the DPF Principles, the commitment will become enforceable under U.S. law. Research and data analytics companies that participate in the Department of Commerce’s DPF Program are obligated to protect the personal data of Europeans received under the relevant part(s) of the DPF Program.
Not yet part of the Insights Association’s Data Privacy Framework program? Join today.
Bring your questions to Juliana Wood.
About the Author
Based in Washington, DC, Howard is the Insights Association's lobbyist for the marketing research and data analytics industry, focusing primarily on consumer privacy and data security, the Telephone Consumer Protection Act (TCPA), tort reform, and the funding and integrity of the decennial Census and the American Community Survey (ACS).
Howard has more than two decades of public policy experience. Before the Insights Association, he worked in Congress as senior legislative staffer for then-Representatives Christopher Cox (CA-48) and Cliff Stearns (FL-06). He also served more than four years with a science policy think tank, working to improve the understanding of scientific and social research and methodology among journalists and policymakers.
Howard is also co-director of The Census Project, a 900+ member coalition in support of a fair and accurate Census and ACS.
He has also served previously on the Board of Directors for the National Institute for Lobbying and Ethics and and the Association of Government Relations Professionals.
Howard has an MA International Relations from the University of Essex in England and a BA Honors Political Studies from Trent University in Canada, and has obtained the Certified Association Executive (CAE), Professional Lobbying Certificate (PLC) and the Public Policy Certificate (PPC).
When not running advocacy for the Insights Association, Howard enjoys hockey, NFL football, sci-fi and horror movies, playing with his dog, and spending time with family and friends.