Menu
5 things you need to know about legally transferring data out of Europe

5 things you need to know about legally transferring data out of Europe

The U.S.-EU Safe Harbor agreement on transatlantic data transfers is dead. What now?

1. It only concerns personal data  The Safe Harbor agreement was -- until it was struck down by the Court of Justice of the European Union on Oct. 6 -- a way to reconcile differences between U.S. privacy laws and the EU's 1998 Data Protection Directive, which prohibits the transfer of Europeans' personal information to countries with inadequate privacy protections. If all you're shifting is production data or environmental measurements, then carry on as you were.

2. It's not the only way to transfer data legally  The directive provides other legal mechanisms under which businesses may transfer personal data outside the EU, whether to the U.S. or elsewhere, including model contract clauses, informed consent, and binding corporate rules. If you work for a multinational conglomerate, your company may have already established binding rules guaranteeing the protection of personal data transferred between different subsidiaries.

3. Your cloud provider may already have your back  Although Amazon Web Services and Microsoft Azure were registered under the Safe Harbor program, it's not game over for them or their customers. Their contracts already include model clauses approved by European data protection authorities promising that the personal information they process will be adequately protected. 

4. Even the alternatives to Safe Harbor may prove inadequate  Many observers have noted that the alternatives to Safe Harbor suffer from some of the same inadequacies that bothered the judges of the CJEU, and may themselves become subject to legal challenge. Data protection authorities across Europe have said they will continue to support the alternatives for now, but German regional DPAs are so concerned they have already refused to approve further model contract clauses and want businesses to stop personal data exports. 

5. January 31 is when things get interesting  That's the deadline Europe's DPAs have given the European Commission to agree on new Safe Harbor rules with the U.S. -- and if no agreement is forthcoming, it's also the date by which they expect companies to find an alternative to Safe Harbor. Until then, they've promised (outside Germany, at least) not to audit or prosecute companies for exporting personal data to the U.S.

Subscribe here for up-to-date channel news

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Featured

Slideshows

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

Revealed at a glitzy bash in Sydney at the Ivy Penthouse, the first StorageCraft Partner Awards locally saw the vendor honour its top-performing partners with ASI Solutions, SMBiT Pro, Webroot, ACA Pacific and Soft Solutions New Zealand taking home the top awards. Photos by Maria Stefina.

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards
Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

​Synnex and Lenovo hosted 18 resellers for an action-packed weekend adventure in RotoVegas, taking in white water rafting on the Kaituna River, as well as quad biking and dinner at Stratosfare​, overlooking Lake Rotorua at the top of Mount Ngongotaha​. Photos by Synnex.

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip
Show Comments