Privacy Shield not ready yet

Two working parties, ministers galore... but data transfer law remains in limbo The revelations by rogue NSA sysadmin Edward Snowden in 2013 caused indignant EU politicians to open a dialogue with the US government to update the data transfer regime to safeguard personal data. The Privacy Shield is the culmination of those discussions. The US's hands-off approach … Continue reading Privacy Shield not ready yet


Brexit = Legal Armageddon?

The Brexit debate continues and, with the Leave and Remain camps neck and neck, it looks likely that the undecided few will carry the result. It seems that we can expect more headline-grabbing soundbites until the vote on June 23. The polarised nature of this debate is throwing up some interesting oddities, so you might … Continue reading Brexit = Legal Armageddon?

Data protection: Don’t be an emotional knee jerk

How many times have you spoken to someone in a call centre who refused to give you information on the basis that the "Data Protection Act" prevents them? Any potential customers in Germany who told you they can’t buy your IT or cloud service because their law prohibits data transfers outside Germany? Has anyone told … Continue reading Data protection: Don’t be an emotional knee jerk

EU-US Privacy Shield

It sounds like the latest superhero movie from Marvel comics. In fact, the EU-US Privacy Shield is the long-expected Safe Harbour 2.0. In a deal reached just after the deadline set by the Article 29 Working Group, the EU Commission proudly proclaimed "Our people can be sure that their personal data is fully protected." We haven't got … Continue reading EU-US Privacy Shield

Where’s Safe Harbour 2.0?

In October last year the Court of Justice of the EU invalidated the Safe Harbour regime. This left many wondering how to continue with data transfers with some saying to use the EU Model clauses. Others, including the commissioner of Schleswig Holstein, said that those clauses were not adequate as they were part of the same decision-making … Continue reading Where’s Safe Harbour 2.0?

Data control in the cloud The cloud customer is the controller and is primarily responsible for complying with the law and the Safe Harbour ruling is part of that.

Data transfers post Schrems

Transfers of data from EU to US can still occur. The Article 29 Working Party has set a deadline of end of January 2016 for Safe Harbour 2.0 to be finalised. After this, depending upon what transfer methods are being used, the data protection authorities will start taking enforcement action. The European Commission sets out … Continue reading Data transfers post Schrems