Companies are currently on a three month grace period following the end of Safe Harbour

Replacement EU/US data protection treaty in the works

European Union privacy regulators will try to reach a new agreement about data transfers between Europe and the US following the end of the Safe Harbour treaty.

The treaty between the EU and US that came into effect in 2000 was designed to provide a streamlined way for US firms to get data from Europe without breaking its information protection rules.

However, the agreement was deemed invalid by a Luxembourg Court in October due to concerns that US intelligence agencies have been collecting data outside of the terms of the agreement.

Under EU data protection law, companies cannot transfer EU citizens' personal data to countries outside the EU deemed to have insufficient privacy safeguards, of which the United States is one.

During a planned meeting of European data protection authorities in Brussels on 2 February, attempts will be made to find a common position on which legal channels companies can use to shuffle personal data across the Atlantic.

While Washington and Brussels are in discussions regarding a new pact, businesses were given a three-month grace period in which they could set up alternative legal systems to transfer data across the Atlantic.

The US has submitted a package of proposals on a new deal this week which included a letter from the Secretary of Commerce Penny Pritzker, who suggested a new framework.

The new package could be submitted for approval by all 28 EU commissioners prior to the upcoming meeting, although it is expected that further details may need to be ironed out after that.

EU regulators have also been looking into the legality of alternative data transfer mechanisms and expect to reach a common position before 2 February.

"It is evident that we will sanction any transfers of personal data which are solely based on the old Safe Harbour decision," said Johannes Caspar, head of the Hamburg data protection authority in Germany.

He said a new Safe Harbour framework would have to include a number of legal safeguards such as an effective judicial review and independent oversight.

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them