In October 2015, the ECJ declared the Safe Harbor agreement between the EU and the USA, regarding the storage of personal data in the USA, invalid because there was no guarantee that European data would be adequately protected in the USA.
This decision has significant implications, not only for large companies such as Facebook or Google but for all companies that transfer personal data to the USA. This can happen in a variety of ways, for example if email servers are located in the USA, US cloud solutions are used or certain data processing processes are outsourced to a US company.

As long as there is no new agreement between the EU and the USA regarding the storage of personal data in the USA, there is a risk that such processes, which were covered and legitimized by Safe Harbor, will now require additional approval from the data protection authority!
The Commission is therefore negotiating intensively with the USA and has promised a new agreement, which was announced in the media under the title “Privacy Shield”. However, many details about Privacy Shield are not yet known, so there is latent legal uncertainty.
You can find out more about this in our Newsletter.

Newsletter