U.S. businesses that handle personal and company data from overseas may face higher costs and stricter regulations due to a new European legal ruling that finds American law is too weak to protect online privacy.
Last month, the European Court of Justice (similar to the U.S. Supreme Court) struck down the existing Safe Harbor agreement, citing U.S. privacy violations alleged by CIA whistle-blower Edward Snowden.
Potential for Higher Costs, More Complexity
The impact on business: potential disruption of international trade and increased costs of doing business anywhere in Europe.
The high court wants to make sure that European citizens’ privacy rights are respected no matter where in the world their data resides. The Safe Harbor agreement gave American businesses the right to operate under one data privacy standard for all members of the European community.
It’s somewhat like importing goods into the United States. You have one set of federal guidelines to follow; not a different set for each of the 50 states.
By invalidating the Safe Harbor agreement, the European court said that businesses handling international data transfers would have to comply with different regulations on a country-by-country basis—a potentially much more complicated and expensive approach.
Officials on both sides of the Atlantic are working on a compromise.
American government negotiators are optimistic that they can find a better solution in the very near future.
“I think with modest refinements that are being negotiated, we could have an agreement shortly,” said U.S. Secretary of Commerce Penny Pritzker during a recent visit to Germany.
The European high court has granted a grace period ending January 31, 2016, during which Safe Harbor remains valid and in effect. The U.S. and EU governments have until that time to work together in developing a revised Safe Harbor framework.
For more details on the Safe Harbor ruling, click on this CNBC report.
Safety, Security at DriveSavers
At DriveSavers, the oldest and most successful data recovery company in the world, all customer data is protected by the strongest confidentiality and security measures in the industry.
- Through an annual SOC 2 Type II audit, DriveSavers maintains compliance across all regulated industries, including financial, medical, educational and corporate. SOC 2 Type II certification verifies compliance with regulations such as HIPAA, GLBA, FERPA and all others. This annual security audit confirms that DriveSavers offers the same robust security for all data, from large corporations to SMBs to the individual home user.
- DriveSavers does not share customer information with any government entity.
- When working with domestic and international customers, no data is ever exposed to the Internet and all work is done onsite at our secure facility in California by U.S. citizens.
- All employees must pass a strict background check to work at DriveSavers.