Un-safe Harbor: is Safe Harbor an adequate means of protecting EU personal data transferred to the US?
The US Safe Harbor framework was developed in 2000 by the US Department of Commerce in collaboration with the European Commission (EC) to provide an adequate level of protection for EU businesses that transfer personal data to the US companies so as to enable them to comply with the data export requirements of the EU Data Protection Directive.
Under the framework, US businesses can self-certify on an annual basis that they will comply with a binding set of principles. Although the arrangement is voluntary, once a business signs up to the Safe Harbor register it assumes various legal obligations that are enforced by the US’s Federal Trade Commission.
Since its introduction, many in the EU have been sceptical about the security offered by Safe Harbor — primarily due to perceived shortcomings in the self-certification process. In 2013, a number of high-profile European people and organisations added to or joined the debate (including the German commissioners, the European data protection supervisor, the chairman of the Article 29 Working Party and the EC). Most expressed concern, particularly in light of revelations in the press that the US government has been carrying out mass surveillance of its European allies…
If you are registered and logged in to the site, click on the link below to read the rest of the Wragge & Co briefing. If not, please register or sign in with your details below.
News from Wragge Lawrence Graham & Co
News from The Lawyer
Briefings from Wragge Lawrence Graham & Co
Finance litigation briefing — merger of cause of action with judgment affects subsequent possession proceedings; and more
Wragge Lawrence Graham & Co’s finance litigation experts bring you the latest on the cases and issues affecting the lending industry.
In this update, the Wragge Lawrence Graham & Co team considers your revised obligations on directors’ remuneration.