In 2000 an agreement called Safe Harbour came into force in the EU that prohibited citizens' personal data from being sent to places that don't have proper privacy protections. It was decided that American firms could self-certify that data being sent to their data centres would be properly protected, so that transfers to the US wouldn't be slowed down.
What went wrong with Safe Harbour?
Everyone has heard of the whistleblower Edward Snowden, well in 2013 he leaked documents outlining the US security services' cyber-spying operations, which caused outrage throughout the world. Privacy campaigners have now been questioning what data sites like Facebook have been sharing with the NSA. However, up until recently there was no way of knowing as they were protected under the Safe Harbour agreement. But that's all about to change….Last October a court ruled that national data watchdogs need to review all transfers of data on an individual basis, but an agreement needed to be made with the US first.
What does this mean for tech companies?
Since October Europe and the US have been in negotiations regarding a new data transfer act and were meant to reach an agreement by January 31, however just when they looked like they were no closer to making a compromise, they formed the "EU-US Privacy Shield". Tech companies must be relieved as EU regulators were on the verge of enforcing a data transfer clampdown if an agreement hasn't been made soon.
The new EU-US Privacy Shield, which will still allows the easy transfer of EU citizens' data, come with promises of better privacy protections from the US. Essentially, Europe is making the US abide by the same data protection standards found in the EU. Tech companies will also face regular compliance checks to ensure that they are still following the deal's rules.
Andrus Ansip, European commissioner for the digital single market said: “We have agreed with our US partners a new framework that will ensure the right checks and balances for our citizens.”
Vera Jourova, European commissioner for justice, said: “For the first time ever, the US has given the EU binding assurances that the access of public authorities for national security purposes will be subject to clear limitations, safeguards and oversight mechanisms.”
360ict provides managed IT services and support for SMEs in central London and the south-east, including Croydon and Bromley. For more advice on gaining competitive advantage as a mid-sized company, give us a call on 0208 663 4000 or head to our website.