- European data protection authorities have given the European Commission and national governments three months to come up with an alternative to the Safe Harbor agreement, CIO reports.
- Any new agreement must “protect the personal data of European citizens from massive and indiscriminate surveillance” said authorities.
- The EU says companies still using Safe Harbour are acting illegally.
The Article 29 Working Party, which is overseeing the development of a new system to replace Safe Harbour, said that if no new agreement has been reached by the end of January, its members would consider “coordinated enforcement actions to ensure companies complied with EU data protection requirements.” Already, companies that are still relying on the old Safe Harbor agreement are acting unlawfully, it said.
On October 6, the highest EU court ruled the Safe Harbour agreement invalid. The agreement had allowed thousands of companies to transfer data easily from Europe to the United States. The court said Safe Harbour does not sufficiently protect EU citizens' personal data.
The case stemmed from a complaint alleging Facebook helped the NSA harvest the private data of EU citizens. But Facebook and other U.S. tech companies maintain they have broken no laws.