matrix codice

On October 6th Europe’s highest court declared the US-EU Safe Harbor Framework invalid in light of the widespread mass surveillance carried out by the American government and the inherent inability to protect European privacy rights representing a great victory for Schrems and privacy advocates across the globe.

This past Tuesday changed the way that US companies operating in Europe will transfer data to their parent companies for good. It all started back in 2013 when Max Schrems, an Austrian law student, brought a complaint against Facebook before the Irish Data Protection Authority arguing that his Facebook user data, transferred to the US where it had been processed under the Safe Harbor scheme, was accessible by American intelligence authorities in violation of his privacy rights enshrined in the Charter of Fundamental Rights and the European Data Protection Directive.

Since 2000 the US-EU Safe Harbor Framework has been used by nearly 4,500 companies to transfer mass amounts of data from Europe to the US. The Framework, developed by the United States Department of Commerce in coordination with the European Commission, allowed American companies to declare that they provide an adequate level of protection for personal data transferred from Europe as is required by the EU Data Protection Directive. Now that it’s been struck down, companies are left waiting for more concrete answers which will likely come directly from national Data Protection Authorities that have been given the authority to review US data transfers on a case-by-case basis, something that could potentially lead to restrictions on the commercial processing of European user data inside of the EU according to the Electronic Frontier Foundation.

In addition to its important privacy ramifications, the binding decision of the Court represents a noteworthy challenge to US companies and will have a significant effect on both the American and European economies. In this day in age, data, and therefore cross-boarder data transfers, mean money and the vast amount of data that is regularly transferred from Europe to the US represents the lifeblood of many companies that make significant profits from processing the information that allows them to send personalized advertisements, offers and campaigns to users

The international transfer of data isn’t only vital to the US tech giants, but also plays an important role in the greater global economy. Digitally deliverable services facilitated by global data flows range from intellectual property to finance, telecommunications and insurance provision. While the precise economic impact of a decrease in transatlantic data flows is not quantifiable, consider that, in 2012, 72 percent of American services exports to the EU were digitally deliverable and an estimated 24.8 percent of EU global exports were digitally deliverable services.

Data can still be transferred to the United States through the use of other legal mechanisms such as individual consent, Binding Corporate Rules and standard contractual clauses, and larger companies can even opt to store data on servers located within the EU Member State territory to avoid transferring personal information to the US. These options, however, are both time-consuming and expensive. While many OTTs already have backup plans in place in order to allow for the continuity of their services, SMEs, representing 99 percent of European businesses, have the most potential to suffer possible losses.

The Internet and the relative lack of restrictive legislation governing it have changed the way that business is conducted and facilitated incredible economic growth across the world. According to the European Commission, more than 75 percent of the value created by the Internet is in traditional industries that see lower costs and higher gains as a result of their participation in the Internet economy. Europe’s very own Digital Agenda recognizes the detrimental effect of unharmonized policies that greatly hinder the expansion and growth of businesses across boarders.

It is therefore paramount that the United States government works closely with Europe in order to rapidly find a satisfactory solution that allows the global digital economy to flourish as it has since its inception while also promoting the adequate protection of personal data for European citizens.