{"id":29560,"date":"2016-08-04T12:34:59","date_gmt":"2016-08-04T16:34:59","guid":{"rendered":"http:\/\/www.iposgoode.ca\/?p=29560"},"modified":"2016-08-04T12:34:59","modified_gmt":"2016-08-04T16:34:59","slug":"eu-us-privacy-shield-adopted-now-what","status":"publish","type":"post","link":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/","title":{"rendered":"EU-US Privacy Shield Adopted: Now What?"},"content":{"rendered":"

The re-posting of this article<\/a> is part of a cross-posting agreement with CyberLex<\/a>.<\/em><\/p>\n

On July 12, 2016, the European Commission formally issued its adequacy decision<\/a> endorsing the EU-US Privacy Shield, following the approval<\/a> of the deal by the Article 31 Committee on July 8.\u00a0 Although the European adequacy decision has immediate effect, U.S. organizations will not be able to take advantage of the Privacy Shield until the U.S. Department of Commerce begins accepting self-certifications, on August 1.<\/p>\n

<\/p>\n

Self-Certification<\/strong><\/p>\n

The Department of Commerce has issued guidance<\/a> to companies wishing to self-certify under the Privacy Shield.\u00a0 Only U.S. organizations subject to the jurisdiction of either the Federal Trade Commission or the Department of Transportation will be eligible for self-certification.\u00a0 This will exclude some organizations, such as banks and telecommunications companies, which are outside the jurisdictions of those agencies.<\/p>\n

Eligible organizations that wish to self-certify should carefully review the guidance as well as the seven framework principles and the sixteen supporting principles (the \u201cPrinciples\u201d) that they must commit to adhere to. \u00a0Although participation in the program is voluntary, once made, the commitment to adhere the Principles will be enforceable under U.S. law.<\/p>\n

Many of the Principles will be familiar to U.S. organizations that have previously participated in the former Safe Harbour regime, although they have now been elaborated in more detail, creating new compliance obligations.\u00a0 There are some significant practical differences in the new model, including an obligation for organizations to provide access, at no cost to the individual, to an independent recourse mechanism, stricter limitations on onward transfers to third parties (including service providers)<\/p>\n

Organizations should be cautious about any representations that suggest compliance with Privacy Shield if the organization has not formally self-certified.\u00a0 The FTC has recently issued a number of warning letters<\/a> to organizations it alleges are claiming compliance with the APEC Cross-Border Privacy Rules system without actually meeting the certification requirements.\u00a0 Moreover, the U.S. government has formally stated in a letter<\/a> to the European Commission that it intends to actively police false claims of participation in the Privacy Shield program.<\/p>\n

 <\/p>\n

Legal Challenges Likely<\/strong><\/p>\n

Legal challenges to the Privacy Shield framework are probably inevitable.\u00a0 For example, Max Schrems, the Austrian whose successful challenge invalidated the previous Safe Harbour regime (see our previous articles, here<\/a>, here<\/a>, and here<\/a>) apparently intends to challenge the Privacy Shield as well.<\/p>\n

The Article 29 Working Party had expressed some skepticism<\/a> of a previous draft of the Privacy Shield.\u00a0 The deal was then strengthened at the negotiating table address concerns relating to bulk data collection, the independence of the Privacy Shield Ombudsperson mechanism for review of complaints about state access to personal information, and data retention.<\/p>\n

Even after these enhancements, it is perhaps unclear whether the proposed Ombuds mechanism would qualify as a means of \u201credress\u201d, as that concept has been described by the CJEU.\u00a0 The terms of reference provide only that the Ombudsperson will \u201crespond\u201d to the complaint, in one of two ways: either to confirm either that relevant safeguards provided by U.S. law were complied with or, if that is not the case, that the non-conformance has been remedied.\u00a0 The Privacy Shield Ombudsperson will expressly not be permitted to report on any remedial action taken.\u00a0 Nor will the mechanism involve any possibility of access to, rectification of, or erasure of, any personal data in the hands of any state actors.\u00a0 As the Commission noted in the adequacy decision, these were explicit requirements set out by the CJEU in the Schrems decision.<\/p>\n

In response, the new adequacy decision simply states that \u201cThe Commission\u2019s assessment has confirmed that such legal remedies are provided for in the United States, including through the introduction of the Ombudsperson mechanism.\u201d\u00a0 [See para. 124.]<\/p>\n

It remains to be seen whether the CJEU agrees with this assessment.\u00a0 Until such a decision has been rendered, the Privacy Shield mechanism may offer less stability than most organizations would prefer.\u00a0 Moreover, the mechanism will be subject to annual reviews and the obligations it imposes may be subject to further elaboration over time.<\/p>\n

 <\/p>\n

Alternatives to Privacy Shield<\/strong><\/p>\n

U.S. organizations which do not wish to, or are not eligible to, participate in the Privacy Shield self-certification program can instead continue to rely on other mechanisms recognized by European law, including Standard Contractual Clauses (although these are themselves currently subject to a challenge<\/a> and reference to the CJEU) or Binding Corporate Rules.<\/p>\n

 <\/p>\n

GDPR on the Horizon<\/strong><\/p>\n

All of this must also be assessed in light of the new General Data Protection Regulation (GDPR), set to come into force in the EU in 2018.\u00a0 The GDPR will impose significant new obligations on data processors (including some data processors located outside of the EU) including record keeping, data security, and breach notification obligations.\u00a0 Non-European data processors who offer goods and services to individuals in the EU, or who monitor the behavior of individuals in the EU, may be directly liable for fines up to \u20ac 20 M or 4% of annual global revenues.<\/p>\n

Organizations will have to consider how they will respond to the new GDPR obligations whether or not they self-certify under the Privacy Shield.\u00a0 Furthermore, the GDRP also tightens the rules by which the \u201cadequacy\u201d of foreign laws respecting the protection of personal information must be assessed.\u00a0 This raises the spectre of further challenges to (or evolutions of) the Privacy Shield itself in the future.<\/p>\n

 <\/p>\n

Implications for Canadian Organizations<\/strong><\/p>\n

Canada\u2019s privacy laws have been endorsed in 2001 as adequate in a separate decision of the EC.\u00a0 This decision<\/a> was not directly affected by the Schrems decision and it remains in effect.<\/p>\n

However, there has been some speculation<\/a> that the Privacy Shield has effectively raised the bar and that Canada\u2019s laws may be subject to new scrutiny.\u00a0 The Canadian adequacy decision is scheduled to be reviewed as part of a larger review, which is not due until 2020, but a review could be triggered at any time by a direct challenge.<\/p>\n

To date, there have been no suggestions of any particular changes to Canadian privacy legislation that might be considered to strengthen the case for a renewed adequacy decision.<\/p>\n

However, Canadian organizations which store or process personal information about EU citizens may wish to consider how their practices might be assessed against the Principles articulated in the Privacy Shield agreement.<\/p>\n

In any event, they will have to consider how the GDPR may apply to them and what changes that may require, particularly in light of the significant penalties that can be assessed under the new regulation.<\/p>\n

As a result, Canadian organizations that deal with European data will need to pay close attention to the changing global compliance landscape and should expect that they will face new compliance challenges over the next 18-24 months.<\/p>\n

 <\/p>\n

\u00a9 McCarthy T\u00e9trault LLP<\/p>\n

Keith D. Rose<\/a> is an associate in McCarthy T\u00e9trault\u2019s Business and Technology Law Groups in Toronto.<\/em><\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

The re-posting of this article is part of a cross-posting agreement with CyberLex. On July 12, 2016, the European Commission formally issued its adequacy decision endorsing the EU-US Privacy Shield, following the approval of the deal by the Article 31 Committee on July 8.\u00a0 Although the European adequacy decision has immediate effect, U.S. organizations will […]<\/p>\n","protected":false},"author":2140,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","footnotes":""},"categories":[3,1086,110,1001],"tags":[1081,2849,2638,2850,2851],"class_list":["post-29560","post","type-post","status-publish","format-standard","hentry","category-blogs","category-european-union","category-privacy","category-regulatory-policy","tag-european-union","tag-gdpr","tag-keith-d-rose","tag-privacy-shield","tag-safe-harbor"],"yoast_head":"\nEU-US Privacy Shield Adopted: Now What? - IPOsgoode<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"EU-US Privacy Shield Adopted: Now What? - IPOsgoode\" \/>\n<meta property=\"og:description\" content=\"The re-posting of this article is part of a cross-posting agreement with CyberLex. On July 12, 2016, the European Commission formally issued its adequacy decision endorsing the EU-US Privacy Shield, following the approval of the deal by the Article 31 Committee on July 8.\u00a0 Although the European adequacy decision has immediate effect, U.S. organizations will […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/\" \/>\n<meta property=\"og:site_name\" content=\"IPOsgoode\" \/>\n<meta property=\"article:published_time\" content=\"2016-08-04T16:34:59+00:00\" \/>\n<meta name=\"author\" content=\"ccraig\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ccraig\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/2016\\\/08\\\/04\\\/eu-us-privacy-shield-adopted-now-what\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/2016\\\/08\\\/04\\\/eu-us-privacy-shield-adopted-now-what\\\/\"},\"author\":{\"name\":\"ccraig\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/#\\\/schema\\\/person\\\/09b0ef7189d5a2bd6fef2472e5ea5b94\"},\"headline\":\"EU-US Privacy Shield Adopted: Now What?\",\"datePublished\":\"2016-08-04T16:34:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/2016\\\/08\\\/04\\\/eu-us-privacy-shield-adopted-now-what\\\/\"},\"wordCount\":1147,\"keywords\":[\"European Union\",\"GDPR\",\"Keith D. Rose\",\"Privacy Shield\",\"Safe Harbor\"],\"articleSection\":[\"Blogs\",\"European Union\",\"Privacy\",\"Regulatory Policy\"],\"inLanguage\":\"en-CA\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/2016\\\/08\\\/04\\\/eu-us-privacy-shield-adopted-now-what\\\/\",\"url\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/2016\\\/08\\\/04\\\/eu-us-privacy-shield-adopted-now-what\\\/\",\"name\":\"EU-US Privacy Shield Adopted: Now What? - IPOsgoode\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/#website\"},\"datePublished\":\"2016-08-04T16:34:59+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/#\\\/schema\\\/person\\\/09b0ef7189d5a2bd6fef2472e5ea5b94\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/2016\\\/08\\\/04\\\/eu-us-privacy-shield-adopted-now-what\\\/#breadcrumb\"},\"inLanguage\":\"en-CA\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/2016\\\/08\\\/04\\\/eu-us-privacy-shield-adopted-now-what\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/2016\\\/08\\\/04\\\/eu-us-privacy-shield-adopted-now-what\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"EU-US Privacy Shield Adopted: Now What?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/#website\",\"url\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/\",\"name\":\"IPOsgoode\",\"description\":\"An Authoritive Leader in IP\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-CA\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/#\\\/schema\\\/person\\\/09b0ef7189d5a2bd6fef2472e5ea5b94\",\"name\":\"ccraig\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-CA\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4d6461ef50f637a66f0e694df440ca5896971e12de84d604936521b184fec22a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4d6461ef50f637a66f0e694df440ca5896971e12de84d604936521b184fec22a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4d6461ef50f637a66f0e694df440ca5896971e12de84d604936521b184fec22a?s=96&d=mm&r=g\",\"caption\":\"ccraig\"},\"url\":\"https:\\\/\\\/www.yorku.ca\\\/osgoode\\\/iposgoode\\\/author\\\/ccraig\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"EU-US Privacy Shield Adopted: Now What? - IPOsgoode","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/","og_locale":"en_US","og_type":"article","og_title":"EU-US Privacy Shield Adopted: Now What? - IPOsgoode","og_description":"The re-posting of this article is part of a cross-posting agreement with CyberLex. On July 12, 2016, the European Commission formally issued its adequacy decision endorsing the EU-US Privacy Shield, following the approval of the deal by the Article 31 Committee on July 8.\u00a0 Although the European adequacy decision has immediate effect, U.S. organizations will […]","og_url":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/","og_site_name":"IPOsgoode","article_published_time":"2016-08-04T16:34:59+00:00","author":"ccraig","twitter_card":"summary_large_image","twitter_misc":{"Written by":"ccraig","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/#article","isPartOf":{"@id":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/"},"author":{"name":"ccraig","@id":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/#\/schema\/person\/09b0ef7189d5a2bd6fef2472e5ea5b94"},"headline":"EU-US Privacy Shield Adopted: Now What?","datePublished":"2016-08-04T16:34:59+00:00","mainEntityOfPage":{"@id":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/"},"wordCount":1147,"keywords":["European Union","GDPR","Keith D. Rose","Privacy Shield","Safe Harbor"],"articleSection":["Blogs","European Union","Privacy","Regulatory Policy"],"inLanguage":"en-CA"},{"@type":"WebPage","@id":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/","url":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/","name":"EU-US Privacy Shield Adopted: Now What? - IPOsgoode","isPartOf":{"@id":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/#website"},"datePublished":"2016-08-04T16:34:59+00:00","author":{"@id":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/#\/schema\/person\/09b0ef7189d5a2bd6fef2472e5ea5b94"},"breadcrumb":{"@id":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/#breadcrumb"},"inLanguage":"en-CA","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/2016\/08\/04\/eu-us-privacy-shield-adopted-now-what\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/"},{"@type":"ListItem","position":2,"name":"EU-US Privacy Shield Adopted: Now What?"}]},{"@type":"WebSite","@id":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/#website","url":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/","name":"IPOsgoode","description":"An Authoritive Leader in IP","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-CA"},{"@type":"Person","@id":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/#\/schema\/person\/09b0ef7189d5a2bd6fef2472e5ea5b94","name":"ccraig","image":{"@type":"ImageObject","inLanguage":"en-CA","@id":"https:\/\/secure.gravatar.com\/avatar\/4d6461ef50f637a66f0e694df440ca5896971e12de84d604936521b184fec22a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/4d6461ef50f637a66f0e694df440ca5896971e12de84d604936521b184fec22a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d6461ef50f637a66f0e694df440ca5896971e12de84d604936521b184fec22a?s=96&d=mm&r=g","caption":"ccraig"},"url":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/author\/ccraig\/"}]}},"taxonomy_info":{"category":[{"value":3,"label":"Blogs"},{"value":1086,"label":"European Union"},{"value":110,"label":"Privacy"},{"value":1001,"label":"Regulatory Policy"}],"post_tag":[{"value":1081,"label":"European Union"},{"value":2849,"label":"GDPR"},{"value":2638,"label":"Keith D. Rose"},{"value":2850,"label":"Privacy Shield"},{"value":2851,"label":"Safe Harbor"}]},"featured_image_src_large":false,"author_info":{"display_name":"ccraig","author_link":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/author\/ccraig\/"},"comment_info":"","category_info":[{"term_id":3,"name":"Blogs","slug":"blogs","term_group":0,"term_taxonomy_id":3,"taxonomy":"category","description":"","parent":0,"count":853,"filter":"raw","cat_ID":3,"category_count":853,"category_description":"","cat_name":"Blogs","category_nicename":"blogs","category_parent":0},{"term_id":1086,"name":"European Union","slug":"european-union","term_group":0,"term_taxonomy_id":1086,"taxonomy":"category","description":"","parent":0,"count":93,"filter":"raw","cat_ID":1086,"category_count":93,"category_description":"","cat_name":"European Union","category_nicename":"european-union","category_parent":0},{"term_id":110,"name":"Privacy","slug":"privacy","term_group":0,"term_taxonomy_id":110,"taxonomy":"category","description":"","parent":0,"count":311,"filter":"raw","cat_ID":110,"category_count":311,"category_description":"","cat_name":"Privacy","category_nicename":"privacy","category_parent":0},{"term_id":1001,"name":"Regulatory Policy","slug":"regulatory-policy","term_group":0,"term_taxonomy_id":1001,"taxonomy":"category","description":"","parent":0,"count":130,"filter":"raw","cat_ID":1001,"category_count":130,"category_description":"","cat_name":"Regulatory Policy","category_nicename":"regulatory-policy","category_parent":0}],"tag_info":[{"term_id":1081,"name":"European Union","slug":"european-union","term_group":0,"term_taxonomy_id":1081,"taxonomy":"post_tag","description":"","parent":0,"count":18,"filter":"raw"},{"term_id":2849,"name":"GDPR","slug":"gdpr","term_group":0,"term_taxonomy_id":2849,"taxonomy":"post_tag","description":"","parent":0,"count":8,"filter":"raw"},{"term_id":2638,"name":"Keith D. Rose","slug":"keith-d-rose","term_group":0,"term_taxonomy_id":2638,"taxonomy":"post_tag","description":"","parent":0,"count":2,"filter":"raw"},{"term_id":2850,"name":"Privacy Shield","slug":"privacy-shield","term_group":0,"term_taxonomy_id":2850,"taxonomy":"post_tag","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":2851,"name":"Safe Harbor","slug":"safe-harbor","term_group":0,"term_taxonomy_id":2851,"taxonomy":"post_tag","description":"","parent":0,"count":1,"filter":"raw"}],"_links":{"self":[{"href":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/wp-json\/wp\/v2\/posts\/29560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/wp-json\/wp\/v2\/users\/2140"}],"replies":[{"embeddable":true,"href":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/wp-json\/wp\/v2\/comments?post=29560"}],"version-history":[{"count":0,"href":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/wp-json\/wp\/v2\/posts\/29560\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/wp-json\/wp\/v2\/media?parent=29560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/wp-json\/wp\/v2\/categories?post=29560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.yorku.ca\/osgoode\/iposgoode\/wp-json\/wp\/v2\/tags?post=29560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}