The EU-US Privacy Shield was introduced as a replacement for the now-defunct Safe Harbour agreement, with the intent of allowing the free flow of personal data between the EU and US. The EU approved it on the basis that it could rely on US authorities to provide adequate monitoring and supervision. It seems that this reliance is being called into question more and more in light of legislative changes.

Many companies have just quietly self-certified (the Privacy Shield simply requires a US company to submit a statement that it is compliant, along with supporting documents and the appropriate fee), but some have made bold public statements about it and, for their sake, I hope this doesn't end up with a slightly embarrassing outcome.

We believe that all these moves towards making the security and transfer of personal data safer and more protected are positive.  Whether it's GDPR, Model Clauses, BCRs or even the Privacy Shield if it remains (and you could question whether it's even relevant under GDPR), these all create an environment where individuals can feel more confident that their personal data won't be used to restrict their rights or freedoms.