March 24, 2016 Top Story

EU and United States to Quell Uncertainty after Safe Harbor Invalidation

Swift action required by affected companies to comply with EU privacy laws

Onika K. Williams

The European Commission’s safe harbor framework is invalid, and U.S. companies are no longer protected by self-certifying that they adequately protect of European data in compliance with the European Union’s (EU) Data Protection Directive (95/46/EC). Schrems v. Data Prot. Comm’r. The Court of Justice of the European Union (CJEU), the EU’s highest court, ruled that even if U.S. companies use adequate protection measures for personal data of European users, U.S. authorities are not subject to the provisions of the safe harbor framework. The safe harbor agreement, therefore, places the data privacy of Europeans at risk of U.S. government surveillance. Section leaders opine that the decision has significant ramifications and forces U.S. companies doing business in Europe to find alternative ways to legally transfer data.

Premium Content For:
  • Litigation Section
Join - Now