The Data Protection Commissioner has been given the green light to investigate Max Schrems’ complaint against Facebook. The Office of the Data Protection Commissioner (ODPC) had initially refused to investigate the complaint based on a view that Commission Decision 2000/520/EC (the Safe Harbour Decision) was both valid and binding on the ODPC.
As has been reported widely in the world media, the Court of Justice of the European Union (CJEU) this week declared the EU-US Safe Harbour regime to be invalid. The decision has understandably given rise to a lot of concern among European businesses that transfer data to the US.
In this blog post, we seek to answer the main questions that are being asked following the CJEU ruling. …
The Advocate General, Yves Bot, of the Court of Justice of the European Union (CJEU) last week delivered his opinion in the Maximillian Schrems v Data Protection Commissioner Case, C‑362/14 (the Opinion). The Opinion, which is advisory in nature, recommends that the Safe Harbour programme be invalidated and that the Irish Data Protection Commissioner (the DPC) be empowered to carry out a full investigation as to the adequacy of protection afforded to the personal data of Facebook’s EU users. …
The European Parliament has passed a resolution in response to the U.S. National Security Agency (NSA) surveillance scandal. The resolution calls for the suspension of the U.S. – EU Safe Harbour Framework immediately, unless the U.S. satisfies the concerns of the EU Parliament.
However, the Parliament’s resolution does not affect the …
The European Commission has published Communications on Rebuilding Trust in EU-US Data Flows and on the Functioning of Safe Harbor. The Communications were released as a result of deepening concerns following the allegations of widespread access by U.S. intelligence agencies to personal data.
The European Commission has called for action in six areas, including:-
- Adoption of the EU’s draft Data Protection Regulation by Spring 2013;
- Improvement of the functioning of the Safe Harbour scheme (which provides a legal basis for the transfers of personal data from the EU to companies in the U.S. for commercial purposes);
- Swift conclusion of the current negotiations on the "umbrella agreement" for transfers and processing of data in the context of police and judicial co-operation;
- Use by the U.S. administration of the existing Mutual Legal Assistance and Sectoral agreements, whenever transfers of data are required for law enforcement purposes;
- Extension of the legal safeguards available to U.S. citizens to EU citizens, not resident in the U.S; and
- Accession by the U.S. to the Council of Europe’s Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (as it acceded to the 2001 Convention on Cybercrime).