If possible, companies doing business in the EU or with EU residents should consider avoiding the ‘Safe Harbor’ agreements altogether and consider how they can comply with the EU data privacy regulations as they stand.
San Antonio, TX (PRWEB) February 29, 2016
According to a February 2, 2016, European Commission press release, the EU-US Privacy Shield will protect the fundamental rights of Europeans where their data is transferred to the United States and ensure legal certainty for businesses. “The EU has strict data protection laws regarding how personal information is held and used,” said attorney James P. Robinson, principal of Robinson & Associates, PLLC. “Basically, it must be used/maintained in a specified manner and the info must be maintained inside the EU.”
However, because of the enormous amount of U.S.-based e-commerce in the EU, adds Robinson, there has been an exception to this, called the “Safe Harbor.” Essentially, the EU agreed that personal information of EU citizens maintained in the United States satisfied EU privacy rules. However, the European Court of Justice, on Oct. 5, 2015, based partly on the Snowden revelations of generalized NSA snooping, struck down the “Safe Harbor.” Therefore, United States companies active in the EU are now breaking EU law if they are maintaining personal information of EU residents in the United States (or anywhere outside the EU).
“Initially, the EU privacy rules were understood to apply to non-EU companies that had a subsidiary or other ‘establishment’ in the EU,” said Robinson. “Over time, however, and particularly with the increasing prevalence of e-commerce, this net of applicability has widened, and it is still widening.”
Additionally, there are new rules expected to come into effect by 2018 that will broaden them even further. In general terms, any company that has any sort of regular business in the EU or with EU residents, whether it is virtual or brick-and-mortar, should consider themselves potentially bound by these laws. All personal information of EU residents collected must be maintained within the EU, according to EU standards. Under the 2018 regulations, the data protection laws will apply to everyone who offers goods or services to EU residents or monitors the behavior of EU residents.
“Each case will undoubtedly be dealt with on its own facts, as we do not have a bright-line rule at the moment,” said Robinson. “If possible, companies doing business in the EU or with EU residents should consider avoiding the ‘Safe Harbor’ agreements altogether and consider how they can comply with the EU data privacy regulations as they stand. Unfortunately, for many such companies, this will be impractical or prohibitively expensive.”
About James P. Robinson, Robinson & Associates, PLLC
James P. Robinson is the founder of Robinson & Associates, PLLC, a law firm with a national and international reach. Robinson & Associates has developed a practice providing comprehensive legal representation to businesses and entrepreneurs for issues related to business and commercial law, insurance disputes and international law. For more information, call (210) 822-2510, or visit http://www.jamesprobinsonlaw.com. The law office is located at 700 N. St. Mary’s Street, Suite 400, San Antonio, TX.
About the NALA™
The NALA offers small and medium-sized businesses effective ways to reach customers in the digital age, while providing a single-agency source that helps them flourish in their local community. The NALA offers its clients an array of marketing tools from press release campaigns and social media management to a cause marketing program. The NALA’s mission is to make businesses relevant and newsworthy, both online and through traditional media, by providing increased exposure at reasonable costs. For media inquiries, please call 805.650.6121, ext. 361.