If you deal with international data transfers, then you probably know already that countries within the EU are not allowed to transfer data to a country outside of the EU, unless the recipient can prove they provide adequate privacy protection.
In 2000, an agreement was struck between the EU and US called the ‘Safe Harbour Agreement’ – essentially, this was an agreement that was used as blanket permission for any data transfers from EU to US, meaning companies could safely transfer data between the two countries without breaching EU rules.
So… What’s Changed?
Nothing has changed as such – the Safe Harbour Agreement still ‘exists’; however, a recent ruling at the European Court of Justice has stated that the Safe Harbour Agreement alone is not enough to allow data transfers from the EU to the US – in other words, this recent Safe Harbour Ruling means that if you’re making data transfers to the US from the EU, then the US will still need to ensure the privacy of that data is protected through means such as local watchdogs, just as is the case for data transfers to any other country outside of the EU.
Who Does This Affect?
This ruling mainly affects hosting companies or companies that are responsible for looking after data on behalf of clients. So although it might not affect you directly, it might affect the companies who look after your data.
Most notably, this ruling is affecting Social Media giant Facebook, who has been utilising the Safe Harbour Agreement as permission to move data to the US for several years – discussions are still taking place to determine whether or not EU-US transfers should now be suspended for Mark Zuckerberg’s brain child.
It is worth noting that the data you entrust to People is hosted securely within data centres in the EU, meaning our customers will not be affected by this new Safe Harbour Ruling.