On October 6, 2015, the European Court of Justice (“ECJ”) ruled in the “Schrems”case that the U.S.-EU Safe Harbor framework on the transfer of personal data from Europe to the United States, was invalid.
For the past 15 years, this Safe Harbor framework gave privileged status to U.S. companies, allowing for such entities to “self-certify” that they complied with privacy standards negotiated between the European Commission and the United States Department of Commerce under the Clinton Administration in 1999, and were viewed as “adequate” by the EU. Effective immediately, today’s ruling may force all of the 4,400 U.S. entities that currently relying on the Safe Harbor to access the data of their EU partners and subsidiaries, to seek alternate modes of data transfer or risk non-compliance with EU data protection requirements.
(more…)