safe-harbor-logo

With No Safe Harbor Agreement, Businesses Eye Other Options

With No Safe Harbor Agreement, Businesses Eye Other Options

Now that Sunday’s deadline to reach a deal on a new Safe Harbor framework between the United States and European Union has come and gone, the question for many companies is what, if anything, they are going to about it.

American and European negotiators, meanwhile, continue to work on an agreement before European regulators issue a ruling on how data can be shared, which is expected on Wednesday.

Safe Harbor was a framework of principles regarding opt-in/opt-out, onward transfer of data to third parties, security, use, access, and compliance that had been in place since 1998. It allowed U.S.-based companies to transfer data about their European customers, regardless of which country they were in, to the United States, provided that they followed the guidelines set out in the framework.

On October 6, 2015, the European Court of Justice, fearful that U.S. law does not adequately protect the privacy of EU citizens, declared Safe Harbor invalid. Representatives from the United States and the European Union had until Sunday to come up to a compromise agreement that would have allowed the program to continue. Basically, if a company abides by Safe Harbor, it can avoid adhering to the patchwork of privacy laws, regulations, and directives form each of the EU’s 28-member countries.

Read Also:
Should Those Who Gather Data Be Responsible for What Is Done With It?

Fortunately, for most companies doing business in the EU, Safe Harbor is a non-issue. This also holds true for U.S.-based companies doing business with the Swiss, since there is a separate Safe Harbor framework in place for Switzerland. Also, if a company is not subject the jurisdiction of the Federal Trade Commission or the Department of Transportation, then Safe Harbor doesn’t apply, either.

For these companies – and most of the companies doing business in Europe, it turns out – model contracts are the preferred method of securing data transfer rights, said Carsten Casper, a managing vice president at Gartner. Model contracts (also called standard contracts or model clauses) are standard contractual clauses that U.S.-based companies can use to transfer data out of the EU. They are binding, legally enforceable, and cannot be modified. Companies have to adopt them as written by the European Council and the European Parliament.

“Most companies have been using model contracts anyway. Tens of thousands of companies are using standard contractual clauses,” said Casper, an attorney who has been working with these issues since the days of the PATRIOT ACT in the 2000s.  “What happens now … is those companies that have been relying on Safe Harbor; they are now shifting to model contracts.;

Read Also:
How Data Visualization is the Future of Information Sharing

 



Chief Analytics Officer Europe

25
Apr
2017
Chief Analytics Officer Europe

15% off with code 7WDCAO17

Read Also:
Microsoft and the ubiquity of data intelligence

Chief Analytics Officer Spring 2017

2
May
2017
Chief Analytics Officer Spring 2017

15% off with code MP15

Read Also:
5 Reasons Why Startups Must Use Business Intelligence Tools

Big Data and Analytics for Healthcare Philadelphia

17
May
2017
Big Data and Analytics for Healthcare Philadelphia

$200 off with code DATA200

Read Also:
Master Data Management Moves Past the Hype Cycle

SMX London

23
May
2017
SMX London

10% off with code 7WDATASMX

Read Also:
Project Data Sphere enables wide use of clinical trial data

Data Science Congress 2017

5
Jun
2017
Data Science Congress 2017

20% off with code 7wdata_DSC2017

Read Also:
Should Those Who Gather Data Be Responsible for What Is Done With It?

Leave a Reply

Your email address will not be published. Required fields are marked *