The Safe Harbor Arrangement has been in place since 2000, and it is a central means by which data about EU citizens can be transferred to companies in the US. Under the EU Data Protection Directive, data can only be transferred to countries with an “adequate level of protection” of personal data. The EU has not deemed the US to provide an adequate level of protection, so Safe Harbor was created as a work around.
The recent case of Google v. Vidal-Hall in the UK has generated quite a buzz, with Omer Tene calling it the “European privacy judicial decision of a decade.”
The case illustrates several fascinating aspects of the developing global law of privacy, with big implications for online marketing, Big Data, and the Internet of Things.
At first blush, it is easy to see the case as one more divergence between how privacy is protected in the EU and US, with a European Court once again showing how much eager it is to protect privacy than an American one. But the biggest takeaway from the case is not one of divergence; it is one of convergence!
This post is part of a post series where we round up some of the interesting news and resources we’re finding.For a PDF version of this post, and for archived issues of previous posts, click here.
We became quite busy after the last update, so we’re a bit backlogged. We are catching up on developments late last year and we have a lot of material. We will release the next issue soon, as there is too much material to fit into this issue.