The ECJ heard arguments, this week, in the action against the Irish Data Protection Commissioner that Safe Harbor should be declared invalid. The case was originally brought by Austrian law student, Max Schrems.
Let’s cut to the chase: the basic argument is that as the Commission has decided that Safe Harbor needs an upgrade (the Commission made 13 recommendations for improvement but negotiations stalled last year with the US) it cannot currently be valid. Is there a logic to that? But removing Safe Harbor would be a huge problem for US-based vendors (e.g. Cloud Computing service providers). They rely on this for valid data transfers. We expect the Advocate General’s opinion on 24 June.