Article 29 Working Party on Safe Harbor

The Article 29 Working Party of European Data Protection supervisors has now published its response to the European Court’s ruling that the US-EU Safe Harbor agreement can no longer be relied upon when exporting personal data from the European Economic Area.

Like the UK Information Commissioner’s earlier statement, they recognise that data exporters and US service providers will need some time to make alternative arrangements. The Working Party note that discussions between the EU and US authorities on a revised Safe Harbor are already taking place but say that if a satisfactory conclusion is not reached by the end of January 2016 then enforcement measures may be required. In the meantime, national Data Protection Regulators are expected to provide guidance on alternative measures that organisations exporting personal data may consider, if they are not already using them.

Information about Jisc’s continuing work with cloud providers, including a note for institutions on the legal situation as of 14th October, can be found in the relevant community groups, linked from our earlier post.

By Andrew Cormack

I'm Chief Regulatory Advisor at Jisc, responsible for keeping an eye out for places where our ideas, services and products might raise regulatory issues. My aim is to fix either the product or service, or the regulation, before there's a painful bump!

Leave a Reply

Your email address will not be published. Required fields are marked *