8 Ways To Secure Data During US-EU Privacy Fight - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Data Management
News
2/15/2016
08:05 AM
Lisa Morgan
Lisa Morgan
Slideshows
Connect Directly
Twitter
RSS
E-Mail
100%
0%

8 Ways To Secure Data During US-EU Privacy Fight

After months of legal uncertainty over transatlantic data flows, the European Commission and the US have agreed on a new framework called the EU-US Privacy Shield. But because no text is available yet, there's no way to interpret it. Here's what organizations need to know now.
Previous
1 of 9
Next

(Image: HebiFot via Pixabay

(Image: HebiFot via Pixabay

The EU-US Safe Harbor that governed the flow of data between the US and European Commission countries is dead, and there's no formal framework text to replace it yet. The result is a lot of legal uncertainty for many organizations when it comes to transatlantic transfers of data. It may be weeks or months before the dust settles. What do enterprises need to know now?

First, some background. On October 6, 2015, the European Court of Justice invalidated the EU-US Safe Harbor framework in the Maximilian Schrems v Data Protection Commissioner case. A couple of weeks later, the Article 29 Working Party issued a statement about the practical effects of the ruling. The group urged businesses to proceed very carefully. Then on February 2, 2016, the European Commission (EU) announced it and the US had agreed on a new framework for transatlantic data flows called the EU-US Privacy Shield, but because no text is yet available, the framework cannot be interpreted.

"We haven't seen the solution. We only heard very high-level principles by the European Commission and some data that was added by the Department of Commerce, but we need to see the actual documentation to understand exactly what this entails," said Omer Tene, VP of research and education at the International Association of Privacy Professionals (IAPP), in an interview.

It's clear that unfettered surveillance by the US is considered inconsistent with fundamental individual privacy rights of Europeans, and that opinions about where lines should be drawn differ from country to country, despite unified efforts to define what are and are not lawful transatlantic data transfers. In the interim, alternative mechanisms are available, including Standard Contractual Clauses and Binding Corporate Rules, but they are far from perfect.

"We're getting inquiries from European and US companies asking what they can do. The Article 29 Working Party said that the model clauses or the binding corporate rules are still legal, but they haven't said they're definitely going to be legal forever going forward, which puts people like me on edge," said Kenneth Mullen, a partner at law firm Withers Bergman, in an interview. "At the moment, companies are putting these alternative methods in place."

In addition, the Article 29 Working Party has strongly suggested businesses consider putting legal and technical solutions in place to further minimize risk, which some companies are doing. Others are taking a wait-and-see approach, since no one knows what the Privacy Shield will actually require until the text is available.

Here are a few things you should be aware of.

Lisa Morgan is a freelance writer who covers big data and BI for InformationWeek. She has contributed articles, reports, and other types of content to various publications and sites ranging from SD Times to the Economist Intelligent Unit. Frequent areas of coverage include ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Slideshows
Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Commentary
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
News
How CIO Roles Will Change: The Future of Work
Jessica Davis, Senior Editor, Enterprise Apps,  7/1/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Video
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
Slideshows
Flash Poll