EU and U.S. negotiators are working against the clock to agree on a new and strengthened framework for transatlantic data flows by the end of January. This is the deadline provided by European data protection authorities after which they could start procedures against companies still relying on the old framework invalidated by the Court of Justice of the European Union (CJEU).
A halt to commercial data transfers between the EU and the U.S. could severely damage our economies, worsen the transatlantic partnership and fragment the global Internet. Negotiators are therefore scrambling to agree on a new framework that addresses the CJEU’s points of criticism.
So what should a new and improved Safe Harbour framework look like? Here are some ideas:
A streamlined and transparent framework
The main advantage of the original Safe Harbour was that it was a streamlined and cost-effective framework. Other types of transfer mechanisms exists, but they are costly, bureaucratic, limited in use, or take time to put in place. The main feature of Safe Harbour is the concept of companies’ self certification. These are binding legal commitments which are fully transparent to the public. Small- and medium-sized enterprises (SMEs), which constituted 60% of Safe Harbour companies, particularly benefitted from the framework.