Despite the U.S.-EU Safe Harbor agreement’s apparent success at facilitating cross-border data transfers since its adoption in 2000, it’s in danger. MEP Jan-Phillip Albrecht recommended in his report earlier this year that the mechanism be discontinued, and the Transatlantic Trade and Investment Partnership (TTIP) negotiations have indicated discontent with the current framework. As such, organizations certified under Safe Harbor should closely monitor the EU’s legislative process and the TTIP for indications about Safe Harbor’s future. Under Safe Harbor, U.S. organizations certify to the U.S. Department of Commerce that they provide certain protections for personal data. Those protections are designed to ensure that organizations meet EU data protection requirements. Criticisms of Safe Harbor and other mechanisms that allow data to be transferred from the EU to the U.S. have, in many instances, been blind to the nature of government surveillance in EU countries. The outcry over U.S. government surveillance has apparently reenergized EU data protection reform efforts and could spell trouble for Safe Harbor.
