Safe Harbor 2.0 is Coming (This Week)
US companies will need to take action to comply with any new agreement
By Bruce J. Heiman, Ignasi Guardans, Etienne Drouard
As we explained in detail in our Explanatory note of October 6 2015, and the webinar that followed held on October 9, the Schrems decision of the Court of Justice of the EU (CJEU) invalidated the US Safe Harbor program, and as a result of that most transfers of European personal data to the US done under that scheme became potentially illegal, if not covered by other legal options as described below.
Subsequently, Europe’s national Data Protection Authorities (DPAs), through the so called Article 29 Working Group, declared their intention not to bring enforcement actions against such EU – US data transfers before February 1, in order to give the US and EU time to reach a new agreement that could meet the objections raised by the CJEU.