EU Safe Harbour 2.0 Data Transfer Deal Set For Next Month

Privacy regulators for the European Union are to meet on February 2 in Brussels to thrash out a new data transfer agreement with the United States.

Dubbed Safe Harbour 2.0, the new agreement comes after the European Union Court of Justice (CJEU) ruled last October that the Safe Harbour data-sharing agreement between the United States and Europe that had been in existence for 15 years was invalid.

Safe Habour 2.0

The European officials will seek to thrash out the final details of the new data sharing deal with the United States.

The EU and the US have been negotiating this for the past two years, after European privacy concerns mounted when the scale of the NSA spying activities were revealed by Edward Snowden.

The meeting next month will seek to find a common position on which legal channels companies can use to transfer data across the Atlantic, Reuters reported. European data regulators have previously confirmed that those transfers can no longer legally be carried out under the current Safe Harbour rules.

The regulators have been analysing the legality of the other transfer mechanisms and should reach a common position on 2 February, a spokeswoman for the French data protection authority, which will chair the meeting, was reported as saying.

“It is evident that we will sanction any transfers of personal data which are solely based on the old safe harbour decision,” said Johannes Caspar, head of the Hamburg data protection authority in Germany which polices Google and Facebook.

He said a new Safe Harbour framework would have to include a number of legal safeguards such as an effective judicial review and independent oversight.

The United States has apparently submitted a package of proposals on a new Safe Harbour deal this week including a letter from US Secretary of Commerce Penny Pritzker, in which she highlighted the US commitment on the oversight of a possible new framework.

Playing Hardball

The EU has not been afraid to play hardball over the matter. Last month, the EU warned that if it fears the United States is not safeguarding privacy enough, it can suspend the new agreement. The Commission has also effectively told the United States the ball is in their court regarding the future progress of the Safe Harbour data agreement.

The suspension of the Safe Harbour agreement in October certainly caused a great deal of anxiety for many firms. Even more concerning is that firms could potentially face legal action over the matter.

The British data protection watchdog last year sought to reassure British businesses, and the EC has also published its own guidelines for firms, but it has effectively warned that the current Safe Harbour deal is dead and buried, and should not be used.

Following the NSA spying revelations. Where do you store your data?