Europe and the US need to develop a data transfer deal to replace the now defunct Safe Harbour agreement within three months, the European Commission has said.
Last month, the long-established Safe Harbour treaty was deemed invalid by a Luxembourg Court following revelations about data collection by US intelligence agencies.
The treaty was originally launched in 2000 as a way for US firms to get personal data from Europe without breaking its information protection rules. It was deemed invalid because US authorities had bulk access to the data on national security grounds.
European data protection regulators have given companies a three-month grace period to put in place alternative mechanisms.
The Commission has issued guidance to businesses affected by the ruling about how they could legally continue to transfer Europeans' data to the United States.
Businesses can use ‘standard contractual clauses’ or ‘binding corporate rules’ to transfer data, as well as asking consumers for their consent.
"We need an agreement with our US partners in the next three months, we need a bulletproof solution," said Andrus Ansip, vice-President of the Commission.
US and EU companies, such as Google and Microsoft , commonly shuffle personal data across the Atlantic on a daily basis for numerous reasons, including employee information for human resources or user data collected by internet companies for use in the billion-dollar online advertising market.
The European Commission wants guarantees from Washington that the United States would access Europeans' data only on a targeted basis.
EU Justice Commissioner Vera Jourova will travel to Washington next week to continue discussions on a new framework.
"The [Luxembourg] court ruling is our benchmark in our talks with the United States," she said. "It is now for the US to come back with their answers."
The breakdown in the Safe Harbour agreement followed revelations from whistle-blower Edward Snowden, previously a contractor for the USA National Security Agency, about mass surveillance of personal data on the internet.
In the latest of a string of revelations, Snowden revealed that the UK’s GCHQ has the capability to eavesdrop on people by controlling the microphones on their phones and even remotely switching the handsets off and on.