Just a few short weeks ago the Court of Justice of the European Union ruled that the EU-US Safe Harbour network was inadequate for protecting the privacy rights and personal data of EU citizens being transferred by companies from Europe to the USA. This is all well and good but what does it mean for Companies transferring personal data from the EU to the USA and what should they do about it?
Well, the answer isn't clear to be honest. Let's be realistic, in order for there to be a meaningful internet the transfer of data across borders is essential. Therefore interim solutions are going to be vital!
Companies are coming up with their own ideas as to avoid breaching EU law when it comes to the transfer of EU citizens personal data out of Europe until a new solution is agreed upon between the United States and Europe Microsoft has come up with a temporary solution which is to set about establishing servers based in Europe to provide cloud based services. The purpose of this is to avoid the transfer of data to servers on US soil.
Microsoft's solution is an interim one until a meaningful and permanent/semi-permanent plan is decided upon between Europe and the United States. A target has been set for the terms of a new plan to be agreed between the EU and the US by 31 January 2016. Safe Harbour 2.0?
“Microsoft’s lawyers and T-Systems’ lawyers argue that the German Data Trustee model, which is at the heart of this week’s deal and is governed by German law, will be effective in shielding data from U.S. demands. But, to be sure, we must wait for the first legal challenge. And the appeal. And the counter-appeal,” he rightly pointed out.