6 steps eu safe harbor

6 Steps to Take Now that EU Safe Harbor Is Not the Only Game In Town

EU Safe Harbor

When the European Court of Justice invalidated the EU Safe Harbor framework, it put all data transfers based on Safe Harbor self-certification in legal limbo. While the ruling doesn’t require that those transfers cease, it means there no longer is any legal authorization for those data transfers. Without Safe Harbor, gaining approval for data transfers from the EU requires approval …

Will There Be a New EU Safe Harbor? Don’t Let the Suspense Stop You From Taking Action

EU Safe Harbor 0 Comments

The Internet makes sending data from the EU to US easy. Making that data transfer compliant, well, that’s not so simple. The data protection laws differ among the EU member states, and getting approval from each nation’s Data Protection Authority (DPA) could be time consuming and complex. That’s where the EU Safe Harbor agreement came in; companies that self-certified for …

EU Safe Harbor - model clauses

EU-US Safe Harbor: Model Clauses – Not All They’re Cracked Up to Be

EU Safe Harbor

In a recent blog post, we referred to the now defunct EU-US Safe Harbor framework as a house of straw, while comparing the European Commission (EC) Model Clauses (the theoretical replacement) to a house of sticks – better, perhaps, but still vulnerable to wolf-force winds. It turns out we are not the only ones falling back on children’s story analogies. …

EU-US Safe Harbor: Moving from a House of Straw to a House of Sticks?

EU Safe Harbor, In the News

In the wake of last week’s bombshell decision by the European Court of Justice (ECJ) to invalidate EU-US Safe Harbor, many organizations are scrambling to take immediate steps to limit their risk. While the ECJ decision takes effect immediately, it is extremely unclear how cross-Atlantic data transfers will be governed without Safe Harbor. The initial advice from many regulators and …

Data Sovereignty: A layman’s guide to the Microsoft Ireland Case


If your customer is in  Amsterdam, your data center is in Ireland, you are a US-based company, and you have just been served a search warrant for data by one of these governments, should you comply? Microsoft recently had to face a similar situation when US federal prosecutors served them with a search warrant that demands access to umails stored …