Europe’s highest court declares Safe-Harbor-Agreement invalid: What does that mean for cloud providers?

On Tuesday, October 6th, Europe’s highest court has declared the Safe-Harbor-Agreement between the United States of America and the European Union invalid. Up to this point the agreement determined that personally identifiable information (PII) of EU citizens are allowed to be transfered to and saved in the United States.

From now on no European organization can refer to the Safe-Harbor-Agreement to justify data transfers to the US for email accounts, cloud services or outsourcing projects. The ones who have been relying solely on the Safe-Harbor-Agreement will have to retrieve their data from the US.

The Austrian journalist Max Schrems triggered the investigation of the agreement with his initiative Europe vs. Facebook. He filed a compliant against Facebook a the Irish authority for data privacy, because in his opinion Facebook does not guarantee data privacy, especially after the NSA espionage affair.

Shortly after Edward Snowden sent his congratulations:

But what does this verdict imply for Switzerland that has a similar agreement with the US?

Lawyer Martin Steiger, specialist for law in digital space, IT and media speaks about this topic in an interview with the Tagesanzeiger

“Switzerland has to ask itself now, if their own Safe-Harbor-Agreement with the US is still valid. This raises the question of whether the agreement provides a sufficient level of data privacy in the US.”


“The EU and the USA are facing a disaster. Actually both parties already agreed on a new data privacy convention. The verdict will influence further negotiations, but how exactly it will affect the situation remains to be seen. Eventually the question remains, if other companies will be addressed as well. Facebook is a well chosen target, but just the tip of the iceberg. In the US thousands of companies are relying on the Safe-Harbor-Agreement, in Switzerland and in Europe nearly all companies process PII either directly or indirectly in the US or by US-companies.”

It’s a fact that after this verdict data security and privacy have to be of top priority for cloud providers. At the same time it is essential for organizations to think thoroughly about where to store there data. They need 100% European solutions – like Safe Swiss Cloud.

Links to this topic:

NYT: Data Transfer Pact Between U.S. and Europe Is Ruled Invalid»

re/code: Europe’s ‘Safe Harbor’ Ruling: A Headache for Tech Giants, but a Blow to the Little Guys»

Leave a comment

19 − eight =

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please Note:
You may use one of these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>