Germany: will data transfers to the US become unlawful due to PRISM?

Download document:

Germany: will data transfers to the US become unlawful due to PRISM? - .PDF file.

From now on, any transfer of personal data from Germany to the US should be regarded unlawful under German data protection law. This was stated by the German data protection authorities in a press release issued on 24 July 2013. The authorities point to the NSA’s vast access to personal data in the US under the NSA PRISM programme as a key reason why they believe that an adequate level of data protection may no longer be assured in US companies, even if the EU-Standard Contractual Clauses are in place or the recipient in the US is Safe Harbor certified.

Usually, the conclusion of the EU standard contractual clauses or the data importer’s adherence to the Safe Harbor Principles in the US will allow the transfer of personal data from Germany to the US according to German data protection law. However, the data protection authorities argue that data importers in the US may no longer be able to adhere to the provisions of Safe Harbor and the EU standard contractual clauses as the NSA may, inevitably, have excessive access to this data.

As a consequence, the German data protection authorities will — at least for the time being — no longer grant any kind of permissions (where these are required) allowing data transfers to countries outside of the European Union or the European Economic Area (including certain cloud services)…

If you are registered and logged in to the site, click on the link below to read the Taylor Wessing briefing. If not, please register or sign in with your details below.