The highest EU court last month ruled that Safe Harbour, a system that for 15 years has helped companies to avoid cumbersome checks to transfer Europeans’ data between offices on both sides of the Atlantic, did not sufficiently protect EU citizens because US authorities had bulk access to the data on national security grounds. European watchdogs also wanted to cut ties because USA privacy protections are not as strong as they are in Europe.
Advertisement
The Commission said the explanation is created to reassure businesses that alternative tools can be used to transfer data, and a new EU-U.S. data transfer deal is a priority, an European Union official said.
“We need an agreement with our United States partners in the next three months, we need a bulletproof solution”, said Andrus Ansip, vice-President of the Commission.
Further, the communique said the US has until January 2016 to broker a new agreement to replace Safe Harbor.
The CJEU Decision has stated that personal data transfers which relied on the Safe Harbor Decision are now unlawful.
“Many of those data flows are based on contract clauses”, he said.
Under the EU Data Protection Directive and the implemented European data protection laws, there is a general prohibition on the transfer of data outside the EEA unless adequate methods of protection are ensured.
“The court ruling will be our benchmark in our talks with the United States”, Jourova said.
“Citizens need robust safeguards to ensure their fundamental rights are protected”. “Our aim today is to explain under which conditions businesses can lawfully transfer data in this interim period”. “I have stepped up talks with the U.S. towards a renewed and sound framework for transatlantic data flows and will continue these discussions in Washington next week”.
October’s ruling sent shockwaves throughout the business community, as the decision made it illegal for companies to transfer personal data on European users to the U.S. More than 4,000 companies are affected by the decision and are now scrambling to comply.
His concerns were raised by the scandal involving Edward Snowden, the former National Security Agency whistleblower who in 2013 revealed a worldwide United States surveillance programme harvesting the data.
The treaty was originally launched in 2000 as a way for U.S. firms to get personal data from Europe without breaking its information protection rules.
Advertisement
The Article 29 Working Party, an independent advisory body to the European Commission on data protection and privacy, has responded positively to the decision.
