Changes to Safe Harbor certification
Some new changes are being made to the Safe Harbor agreement between the United States and European Union. Currently, personal data transfer is heavily restricted between the EU and US because, according to EU law, the United States fails to meet the standard for privacy protection. Safe harbor is provided in cases where the receiving party in the United States shows through the Chamber of Commerce that the EU's requirements are met. Due to new threats to privacy in the United States (namely the NSA, among others) a few changes have been proposed to the agreement.
These changes include increased transparency for Safe Harbor, a revision of the method for solving disputes, increased compliance to be ensured by the United States Chamber of Commerce, and clarification of when certain agencies within the United States government will be accessing EU personal data. Implementing these policies is aimed to increase overall transparency for how personal information privacy is handled in the United States, as well as to ensure some core responsibilities are handled appropriately by the United States government.
A statement by the European Commission in November 2013 clarifies the recommendations, as they are designed “...to improve the continuity of data protection rights of Europeans when their data is transferred to the US.” The intent is that the United States Chamber of Commerce will flag companies that are not in full compliance with the new agreement, and non-complying corporations or organizations may receive a suspension or inspection. There are also stated to be consequences laid out for bodies that falsely claim compliance with the redesigned Safe Harbor agreement.
After the events surrounding Edward Snowden, the European Parliament released a suspension of Safe Harbor. The suspension was designed to increased pressure to bolster the regulations of the Safe Harbor agreement, and came with the recommendations from the Data Protection Working Party. Pending the results of the ongoing discussion between the United States and European Union, the suspension may be maintained if the outcome is not favorable.
There are a number of benefits that the reform could pose for the agreement between the US and EU. Perhaps most significant is the building of trust in the data flow between EU and US, as well as an increased level of satisfaction from EU citizens whose information is being collected (whether they choose to opt out of data collection or not). Several factors will be implemented in order to ensure that the changes are properly implemented, such as an overall analysis of the Safe Harbor's function, reports on the Terrorist Finance Tracking Program, and review of the agreement between the United States and EU on passenger name records. The EU-US Working Group is also expected to analyze any conflicts between information protection laws in the United States and European Union, and provide a report that will influence changes to the agreement.
- Privacy policies for Children
- Safe Harbor Certification
- The Importance of Safe Harbor Certification
- Privacy Breach
- NHS care.data delayed - updated
- CASL - Canadian Anti Spam Legislation
- Changes to Safe Harbor certification
- Facebook Instant Personalization
- Safe Harbor vs Binding Corporate Rules
- Safe Harbor 2.0
- GDPR - General Data Protection Regulation
- Difference between GDPR and ePrivacy regulation