The ECJ has now decided that businesses - chiefly US-based organisations - will no longer be able to rely on the US Safe Harbour Privacy Principles as ensuring an adequate level of protection to satisfy the requirements of the EU Data Protection Directive when transferring personal data outside the EEA.
The European Commission has been negotiating with the US authorities for some time regarding the introduction of a new, more privacy protective arrangement, and these negotiations can now be expected to be pursued with more urgency. However, in the meantime organisations which have relied on the Safe Harbor scheme will have to put in place quickly alternative compliance mechanisms, although the choice is limited. For more details, see our data protection update here.
Note that this decision does not impact on the validity of any inter-company Data Transfer Agreements (Set II).
Key contacts
Samantha Brown
Managing Partner, Employment, Pensions and Incentives, UK and EMEA, London
Steve Bell
Managing Partner, Employment, Industrial Relations and Safety, Asia and Australia, Melbourne
Emma Rohsler
Partner, Head of Employment, Pensions and Incentives, EMEA, Paris
Tim Leaver
Partner, London
Andrew Taggart
Partner, London
Fatim Jumabhoy
Partner, Head of Employment & Workplace Investigations, Asia, Singapore
Barbara Roth
Partner, New York
Christine Young
Partner, London
Disclaimer
The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.