Safe Harbour Implications Following EU Ruling

Engineering working hold tablet in front of cargo loading workplace
  • Individual EU Countries To Set Their Own Regulation For U.S. Companies Handling of Citizens’ Data
  • Countries Now Able Choose To Suspend The Transfer Of Data To The U.S.

Original Author: Assent Risk Management
Original Links:


The European Court of Justice (ECJ) has  governed that the EU-US Safe Harbour Framework does not provide a valid legal basis for transfers of personal data from Europe to the U.S.
This transatlantic Safe Harbour agreement, which allows American Companies to use a single standard for consumer privacy and data storage in both the EU and U.S., is null and void.

How Did The Ruling Come To Surface?

This ruling came to surface subsequently after Edward Snowden’s NSA leaks showed that European data stowed away by U.S. companies was not safe from surveillance that would be prohibited in Europe.

What Does This Mean?

Now companies like Facebook and Twitter could face inspections from data regulators of individual European countries’. Furthermore they might be forced to host European use data in Europe, instead of hosting it in the US and transmitting it over.

A Bureaucratic Nightmare?

Theoretically, American companies that have European customers may now end up attempting to follow 20, possibly more, different sets of national data-privacy regulations. Many U.S. firms /companies (this could be up to 4,500) have relied on Safe Harbour.

The regulation says “the existence of a Commission decision finding that a third country ensures an adequate level of protection of the personal data transferred cannot eliminate or even reduce the powers available to the national supervisory authorities.”

This basically means that the European Commission’s Safe Harbour cannot seize the powers of national authorities.

Our Verdict

This appears to be far from settled, with a European solution likely to be needed to unify the approach of the member states.

Alternatively it may lead to companies relying more on hosting European data within Europe.


Find out more information here: