As has been reported widely in the world media, the Court of Justice of the European Union (CJEU) this week declared the EU-US Safe Harbour regime to be invalid. The decision has understandably given rise to a lot of concern among European businesses that transfer data to the US.

In this blog post, we seek to answer the main questions that are being asked following the CJEU ruling. Continue Reading Data in Disarray: The Aftermath of the Safe Harbour Decision

The Advocate General, Yves Bot, of the Court of Justice of the European Union (CJEU) last week delivered his opinion in the Maximillian Schrems v Data Protection Commissioner Case, C362/14 (the Opinion). The Opinion, which is advisory in nature, recommends that the Safe Harbour programme be invalidated and that the Irish Data Protection Commissioner (the DPC) be empowered to carry out a full investigation as to the adequacy of protection afforded to the personal data of Facebook’s EU users. Continue Reading Safe Harbour in Danger?

Following the referral of the High Court to the Court of Justice of the European Union (CJEU) in Schrems v Data Protection Commissioner (No.2) [2014] IEHC 351, as reported in two previous blogs, the plaintiff in that case, Max Schrems, has successfully signed up over 25,000 applicants to pursue a quasi "class action" suit against Facebook Ireland Limited in a civil case before the Commercial Court for Vienna.

The number of applicants was capped at 25,000 for practical reasons with the cap being reached within a week of its launch and as of Friday 8th August the number of applicants stood at over 45,000.Continue Reading Class action suit launched against Facebook Ireland in Austria

The European Parliament has passed a resolution in response to the U.S. National Security Agency (NSA) surveillance scandal.  The resolution calls for the suspension of the U.S. – EU Safe Harbour Framework immediately, unless the U.S. satisfies the concerns of the EU Parliament.  

However, the Parliament’s resolution does not affect the validity of the Safe Harbour Framework. Only the Commission can renegotiate the Safe Harbour Framework. Last year, the Commission issued 13 recommendations to improve the functioning of the Safe Harbour scheme, and called upon U.S. authorities to remedy these issues by summer 2014 (see

Continue Reading Calls for Suspension of Safe Harbour

The US Department of Commerce’s International Trade Administration (ITA) has provided some clarification regarding how the US-EU Safe Harbor Framework applies to cloud computing.   

The ITA does not believe that cloud computing represents an entirely new business model or presents any unique issues for the Safe Harbor. The ITA clarifies that the existing Safe Harbor Privacy Principles are comprehensive and flexible enough to address the issues raised by the cloud computing model. 

Continue Reading US Department of Commerce clarifies how Safe Harbor Framework applies to Cloud Computing