Brussels, Belgium – Earlier today the Court of Justice of the European Union (CJEU) ruledin the Schrems case, finding that the Safe Harbour mechanism is invalid. Safe Harbour is a transatlantic data transfer mechanism enabling US companies to send data collected in the EU to the US. The Court also confirmed that the Irish Data Protection Commissioner has to investigate the Safe Harbour compliance with EU law.
“Access Now welcomes today’s CJEU landmark decision,” said Estelle Massé, European Policy Analyst at Access Now. “This ruling confirms that the Safe Harbour mechanism is beyond repair, and puts an end to over a decade of privacy violations.”
Ever since its implementation in 2000, Safe Harbour has faced an avalanche of criticism from data protection experts, civil society, and digital rights groups. The agreement is, by its very nature as a self-certified mechanism that lacks oversight and fails to provide redress, entirely unsafe. This ruling is a call for legislators on both sides of the Atlantic to carry out a comprehensive review of data transfer mechanisms.
“On the basis of this ruling, we urge European legislators to explore better ways to protect the privacy rights of their citizens when personal data is being transferred globally,” said Massé. “This ruling highlights that the decision to allow the transfer of data outside the EU cannot be left to the discretion of the Commission alone. The Parliament and EU data protection authorities have to be involved.”
Access Now looks forward to the development of a modern framework for the transfer of personal data that will ensure robust data protection and provide legal certainty for companies.
Policy Analyst, Access Now
0032 485 44 54 58