Safe Harbour 2.0 â what happens now the 31st January deadline has passed? | DMA

Filter By

Show All

Connect to


Safe Harbour 2.0 â what happens now the 31st January deadline has passed?


Vera Jurova, European justice commissioner, says Safe Harbour 2.0 negotiations are ongoing, and agreement with the US is 'close', but we don't yet know whether enforcement action is imminent as the deadline for agreement has expired

Safe Harbour 2.0 negotiations are ongoing and agreement is 'close', despite the 31 January deadline for agreement expiring, European commissioner for justice, consumers and gender equality Vera Jurova told the Civil Liberties, Justice and Home Affairs Committee (LIBE) of the European Parliament on the evening of 1 February 2016.

She gives the same presentation to her fellow European Commissioners on 2 February, confirming that the European Commission has missed its target of putting in place a revised Safe Harbour agreement by 31 January.

Schrems case

The European Court of Justice struck down the previous Safe Harbour agreement in October 2015 following a case brought by Max Schrems. Schrems said the 'Safe Harbour', extended to some 3,000 US tech firms that permitted those firms to move data to the US from the EU offered no protection to EU citizens in light of the revelations made by Edward Snowden.

This forced the European Commission to negotiate a revised Safe Harbour agreement with the US.

Will the national data protection authorities now take enforcement action?

The national data protection authorities will hold one of their regular meetings, known as the Article 29 Working Party, on February 2 and 3. Safe Harbour is top of the agenda.

At a previous meeting they agreed not to take enforcement action until 31 January.

However, some national data protection authorities may be keen to start enforcement action against large US tech companies to make a political point.

We will have to wait until the conclusion of the February meetings to find out whether some of the national data protection authorities are going to start taking enforcement action

What should members do now?

Members who transfer personal information to the USA and rely on Safe Harbour should have already reviewed the transfer and be thinking about using Model Contract clauses instead.

The ICO has advised UK companies not to panic and this advice still holds.

Members using the goods and services of US tech companies may well have been asked to sign Model Contract Clauses by those US-based companies already.

Future developments

The DMA will update members of developments.

Hear more from the DMA

Please login to comment.