Surprisingly, only 24 of the 107 companies (22%) have certified for HR data, whereas HR certifications for Safe Harbor were above 50%. Only three of the 107 companies certified only for HR data (Employment Screening Resources, Perceptx and RECSOLU), although all three may have erred in claiming they are processing HR data when it appears that they are only processing data of clients who have employees in the EU.
Only a few companies are well-known, including Microsoft, Salesforce and Workday. The other 104 companies appear to be smaller niche firms, although sometimes unknown companies prove to be quite substantial. Media reports suggest that there are hundreds of self-certifications in the pipeline, a number likely to grow as the October 1 deadline approaches for securing the nine-month grace period with respect to third party agents.
As a website, the Privacy Shield List is best described by technical terms: slick, but lame. The Previous and Next buttons yield strange results, if any. Under Advanced search one has to click through each individual letters of the alphabet to view all the participants, since the “All” choice is not working. The four filters yield the same frustrating limits to showing results by letter of the alphabet. Three of the filters (Participation Status, Covered Data and Framework) are worthless. For all of the supposedly careful review of submissions, parenthetical remarks (such as ‘we revised the policy on August 3, but didn’t post it until the 15th’ and “Thank you”) are included in policy descriptions. Companies appear under the wrong letter of the alphabet (Etleap with the D’s; Visible Health in the E’s; Employment Screening Resources in the I’s). There are doubtlessly other problems undetected as well.