Europe’s High Court Strikes Down EU-US ‘Safe Harbor’ Data Sharing

Data transfer between the U.S. and Europe just hit a major bump in the road.

The Court of Justice of the European Union (CJEU) ruled yesterday (Oct. 6) that a 15-year-old international pact permitting a free flow of information was invalid.

The longstanding data agreement, better known as the Safe Harbor framework, gives permission to U.S. companies to transfer the personal data of European citizens back to the States, as long as the data is stored and collected according to a specific set of security rules outlined in the pact.

But now the arrangement has been struck down in light of the revelations brought on by former NSA contractor Edward Snowden, which called into question how sufficiently European users’ data was being safeguarded by the agreement, Re/code reported.

In a statement last month, the CJEU said, “The access enjoyed by the United States intelligence services to the transferred data constitutes an interference with the right to respect for private life and the right to protection of personal data, which are guaranteed by the Charter.”

More than 4,000 U.S. firms rely on the now defunct Safe Harbor rules to ensure their data transfers are performed legally, including Facebook, Google and Twitter.

Re/code pointed out that the effect of Tuesday’s ruling may not be felt by many of the tech giants due to the fact that they have established other methods to enable the international transfer of personal data, such as building European-based data centers so the data never actually leaves.

With striking down the Safe Harbor agreement, each country within the European Union could potentially establish and carry out its own rules and regulations relating to privacy.

The ruling also has the potential to “unintentionally tilt the global privacy and data protection landscape to make the EU the global center of gravity,” Jim Koenig of Paul Hastings, a Washington, D.C.-based law firm, told USA Today.

Striking a balance between ensuring the privacy of citizens and encouraging growth in a global economy is increasingly important when data is increasingly becoming the most important — and extremely valuable — commodity. Boston Consulting Group estimated EU citizens’ data alone will be worth $1.1 trillion by 2020.

To check out what else is HOT in the world of payments, click here.


Latest Insights: 

Our data and analytics team has developed a number of creative methodologies and frameworks that measure and benchmark the innovation that’s reshaping the payments and commerce ecosystem. Check out the February 2019 PYMNTS Digital Fraud Tracker Report


To Top