European national data protection authorities to enforce ECJ Safe Harbour decision from 1 Feb 2016 | DMA

Filter By

Show All
X

Connect to

X

European national data protection authorities to enforce ECJ Safe Harbour decision from 1 Feb 2016

T-5624f7f98c8b2-eu-flags-800x_5624f7f98c7d8-2.jpg

Companies could be prosecuted following the European Court of Justice decision that Safe Harbour is invalid, from February 1 2016 according to Article 29 Working Party of European national data protection authoirities

On Tuesday 6 October the European Court of Justice dismissed so-called Safe Harbour, a system to allow US companies to process data that belongs to European citizens. According to the Article 29 Working Party of European national data protection authorities, while no action will be taken against companies now, enforcement action could begin from 1 February 2016 if there is no Safe Harbor 2.0 agreed with the US authorities by this date.

On Friday 16 October the Working Party called on the Member States and the EU institutions to continue discussions with the US authorities on negotiating a revised Safe Harbor 2.0 which will be compliant with European data protection legislation and the decision of the ECJ in the Safe Harbor case.

The ECJ invalidated the current Safe Harbor Agreement on a technical ground, but in reality the USA’s national security and intelligence services surveillance operations, as revealed by Snowden were behind the decision. For more details see here.

As pointed out in my earlier article, the problems of the USA’s national security and intelligence services surveillance operations are equally applicable to Binding Corporate Rules and model Contract Clauses.

The national data protection authorities consider that Model Contract Clauses and Binding Corporate Rules can still be used to transfer personal information to the USA, but the Working Party will continue its analysis on the impact of the ECJ decision on these transfer methods.

However, individual national data protection authorities can investigate transfers of personal information to the USA on the basis of specific complaints.

Members who currently use Safe Harbor to transfer personal information to the USA should review their use of Safe Harbor and consider the risks of transferring personal information to the USA in the light of the Snowden revelations.

They should document their thought processes in coming to a decision as to whether to put in place Model Contract Clauses or Binding Corporate rules as an interim solution.

The ICO has accepted this may take some time and therefore it is unlikely that it will take any enforcement action before 1 February 2016. However, putting your thoughts and decisions made in writing will demonstrate to the ICO that you are taking the matter seriously and not burying your head in the sand and ignoring the ECJ decision.

Hear more from the DMA

Please login to comment.

Comments

Related Articles

A telemarketing programme involving hundreds of one-to-one conversations with customers and prospects is the perfect opportunity to perform a thorough proof of concept. It enables you to learn quickly and validate your approach in a systematic, transparent way, so you set off on a better track.

Depositphotos_667828676_S (1).jpg

Economic pressures have plagued households for several years, with brands facing the challenge of engaging consumers who are more budget-conscious than ever before. As a result, brand loyalty has sharply declined, with 61% of consumers being less likely to stick with brands in 2023 compared to 41% in 2022.

Cost of Living Exit Strategy Report 20244

Purple Square’s Tim Biddiscombe interviewed marketing data and tech industry veteran Andy Masters about the essential roles of listening, learning and trust in building holistic and effective customer journeys.

Thumbnail Reimagining CX _Andy Masters 600x400.jpg

When thinking about sustainable marketing, often we think about the channels we use, or materials we use in a physical sense. We overlook things like the audience targeting, data cleanse & optimisation, which have a big impact on minimising wastage.

1714037684255.png