Two working parties, ministers galore... but data transfer law remains in limbo The revelations by rogue NSA sysadmin Edward Snowden in 2013 caused indignant EU politicians to open a dialogue with the US government to update the data transfer regime to safeguard personal data. The Privacy Shield is the culmination of those discussions. The US's hands-off approach … Continue reading Privacy Shield not ready yet
Safe Harbor
Brexit = Legal Armageddon?
The Brexit debate continues and, with the Leave and Remain camps neck and neck, it looks likely that the undecided few will carry the result. It seems that we can expect more headline-grabbing soundbites until the vote on June 23. The polarised nature of this debate is throwing up some interesting oddities, so you might … Continue reading Brexit = Legal Armageddon?
Data protection: Don’t be an emotional knee jerk
How many times have you spoken to someone in a call centre who refused to give you information on the basis that the "Data Protection Act" prevents them? Any potential customers in Germany who told you they can’t buy your IT or cloud service because their law prohibits data transfers outside Germany? Has anyone told … Continue reading Data protection: Don’t be an emotional knee jerk
EU-US Privacy Shield
It sounds like the latest superhero movie from Marvel comics. In fact, the EU-US Privacy Shield is the long-expected Safe Harbour 2.0. In a deal reached just after the deadline set by the Article 29 Working Group, the EU Commission proudly proclaimed "Our people can be sure that their personal data is fully protected." We haven't got … Continue reading EU-US Privacy Shield
Where’s Safe Harbour 2.0?
In October last year the Court of Justice of the EU invalidated the Safe Harbour regime. This left many wondering how to continue with data transfers with some saying to use the EU Model clauses. Others, including the commissioner of Schleswig Holstein, said that those clauses were not adequate as they were part of the same decision-making … Continue reading Where’s Safe Harbour 2.0?
Data control in the cloud
http://redskyvision.wistia.com/medias/m6pwmcwo2o?embedType=iframe&videoWidth=640 The cloud customer is the controller and is primarily responsible for complying with the law and the Safe Harbour ruling is part of that.
Data transfers post Schrems
Transfers of data from EU to US can still occur. The Article 29 Working Party has set a deadline of end of January 2016 for Safe Harbour 2.0 to be finalised. After this, depending upon what transfer methods are being used, the data protection authorities will start taking enforcement action. The European Commission sets out … Continue reading Data transfers post Schrems
