View Information Collection Request (ICR) Package

Time Remaining Days HR Min Sec

OMB Control No: 0625-0280	ICR Reference No: 202605-0625-004
Status: Received in OIRA	Previous ICR Reference No: 202306-0625-002
Agency/Subagency: DOC/ITA	Agency Tracking No:
Title: Self-Certifications under the Data Privacy Framework Program
Type of Information Collection: Extension without change of a currently approved collection	Common Form ICR: No
Type of Review Request: Regular	Date Submitted to OIRA: 06/01/2026

	Requested	Previously Approved
Expiration Date	36 Months From Approved	07/31/2026
Responses	4,575	4,775
Time Burden (Hours)	2,977	3,062
Cost Burden (Dollars)	232,234	217,091

Abstract: The United States, the European Union (EU), the United Kingdom (UK), and Switzerland share a commitment to enhancing privacy protection, the rule of law, and a recognition of the importance of transatlantic data flows to our respective citizens, economies, and societies, but take different approaches to doing so. Given those differences, the DOC developed the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF in consultation with the European Commission, the UK Government, the Swiss Federal Administration, industry, and other stakeholders. These arrangements were respectively developed to provide U.S. organizations reliable mechanisms for personal data transfers to the United States from the European Union, the United Kingdom (and, as applicable, Gibraltar), and Switzerland while ensuring data protection that is consistent with EU, UK, and Swiss law. The DOC issued the EU-U.S. DPF Principles and the Swiss-U.S. DPF Principles, including the respective sets of Supplemental Principles (collectively the Principles) and Annex I of the Principles, as well as the UK Extension to the EU-U.S. DPF under its statutory authority to foster, promote, and develop international commerce (15 U.S.C. § 1512). ITA administers and supervises the Data Privacy Framework program, including by maintaining and making publicly available the Data Privacy Framework List, an authoritative list of U.S. organizations that have self-certified to the DOC and declared their commitment to adhere to the Principles pursuant to the EU-U.S. DPF and, as applicable, the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF. Such organizations must respond promptly to inquiries and requests from ITA for information relating to their adherence to the Principles. On the basis of the Principles, Executive Order 14086, 28 CFR part 201, and accompanying letters and materials, including ITA’s commitments regarding the administration and supervision of the Data Privacy Framework program, the European Commission, the UK Government, and the Swiss Federal Administration have respectively recognized the adequacy of the protection provided by the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF , and the Swiss-U.S. DPF thereby enabling personal data transfers from each respective jurisdiction to U.S. organizations participating in the relevant part of the Data Privacy Framework program. To initially self-certify or subsequently re-certify for the EU-U.S. DPF and, as applicable, UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF, an organization must on each occasion provide to the DOC a submission that contains the relevant information specified in the Principles. The submission must be made via the DOC's Data Privacy Framework program website by an individual within the organization who is authorized to make representations on behalf of the organization and any of its covered U.S. entities regarding its adherence to the Principles. Such an organization must respond promptly to inquiries and other requests for information from the DOC.

Authorizing Statute(s): US Code: 15 USC 1512

Citations for New Statutory Requirements: None

Associated Rulemaking Information
RIN:	Stage of Rulemaking:	Federal Register Citation:	Date:
	Not associated with rulemaking

Federal Register Notices & Comments
60-day Notice:	Federal Register Citation:	Citation Date:
	91 FR 8438	02/23/2026
30-day Notice:	Federal Register Citation:	Citation Date:
	91 FR 32375	06/01/2026
Did the Agency receive public comments on this ICR? No

ICR Summary of Burden

	Total Request	Previously Approved	Change Due to Agency Discretion
Annual Number of Responses	4,575	4,775	-200
Annual Time Burden (Hours)	2,977	3,062	-85
Annual Cost Burden (Dollars)	232,234	217,091	15,143

Burden increases because of Program Change due to Agency Discretion: Yes

Burden Increase Due to: Miscellaneous Actions

Burden decreases because of Program Change due to Agency Discretion: Yes

Burden Reduction Due to: Miscellaneous Actions

Short Statement: The adjusted figures and by extension the estimates provided are projections that take into account (1) the number of “responses” (i.e., the self-certification form-based initial self-certification and re-certification applications, and the four different types of questionnaires) that were received, reviewed, and processed in the preceding twelve-month period or calendar year, (2) the revisions to the applicable fee schedule that entered into effect on October 1, 2024, and amended the respective amounts of the applicable fees, and (3) increases in the respective, average hourly rates of the relevant types of individuals (i.e., lawyer and manager respondents with regard to Question 12, and DOC employees and contractors with regard to Question 14) performing the tasks directly associated with the “responses” that were received, reviewed, and processed in the preceding twelve-month period or calendar year.

Annual Cost to Federal Government: $615,645

Does this IC contain surveys, censuses, or employ statistical methods? No

Does this ICR request any personally identifiable information (see OMB Circular No. A-130 for an explanation of this term)? Please consult with your agency's privacy program when making this determination. Yes

Does this ICR include a form that requires a Privacy Act Statement (see 5 U.S.C. §552a(e)(3))? Please consult with your agency's privacy program when making this determination. Yes

Is this ICR related to the Affordable Care Act [Pub. L. 111-148 & 111-152]? No

Is this ICR related to the Dodd-Frank Wall Street Reform and Consumer Protection Act, [Pub. L. 111-203]? No

Is this ICR related to the American Recovery and Reinvestment Act of 2009 (ARRA)? No

Is this ICR related to the Pandemic Response? No

Agency Contact: Katelynn Byers 317 550-6120 katelynn.byers@trade.gov

View ICR - Agency Submission