Safe Harbor is dead! What's next?

Oct 09 2015

Tuesday, October 6, 2015, the Court of Justice of the European Union (CJEU) decided to strike down the "Safe Harbor", a key legal principle that had enabled U.S. web giants (Google, Facebook and Apple) who operate in the European Union to store and manipulate the personal data of people living there.

The "Safe Harbor" was the result of an agreement from the July 26, 2000 in which the European Commission considered that the countries who signed the agreement, agreed to a level of protection in accordance with the European standards of personal data for the EU citizens.

But the Snowden case has changed everything. The massive NSA spying of the European citizen's data is a violation of the agreement, causing its end in the ruling of the CJEU.

What will be the consequences of this decision?

There are different points of view:
For some people it could be the World victory on privacy, for the others it could mean a risk for the European economy and for the relationships between the United States and Europe.

It is hard to imagine that the U.S web giants will store overnight the data of the EU citizens in Europe to comply with the law.

Nevertheless, it is hard to believe that a new agreement can't be found.

As Christophe Auffray says in his article, "patching the Safe Harbor is complicated".
The decision pronounced by the CJEU is based on several deficiencies which seem difficult to correct without changing the US law.

The national security laws make it a challenge for US companies to fully ensure data privacy. And the US is likely to stay inflexible on this point.

Will this have only the effect of a sword cutting through water?

XWiki SAS has always put the safety and the data control as its first priorities.
Thus, our customers monitor the tracking of their data. They can also choose to host their data on their own servers, and completely control the way it is used.