German Privacy Regulators and Safe Harbor

I’ve recently returned from a week in German visiting our businesses there. So I thought I might say a few words about Safe Harbor and Germany

Recent statements from some of the German privacy regulators have people worried that Safe Harbor is no longer a legal mechanism to transfer personal data to the US from the EEA. This is not accurate.

The German regulators have stated that personal information must receive adequate protection. Companies that sign-up for Safe Harbor, but that do not implement the commitments operationally, are not providing adequate protection. This is a far cry from declaring Safe Harbor an invalid transfer mechanism, which Germany could not do even if it wanted to since it has been adopted by the EU Commission.

So . . . if you are transferring data to the US via Safe Harbor, make sure your operations, or those of your data processor, are truly implementing the Safe Harbor principles! If you are, then you are compliant with the law!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s