U.S.-EU Safe Harbor Framework
Update on the U.S.-EU Safe Harbor Framework
On October 6, 2015, the European Court of Justice issued a judgment declaring as invalid the European Commission’s Decision 2000/520/EC of 26 July 2000 on the adequacy of the U.S.-EU Safe Harbor Framework. U.S. and EU officials are currently discussing the development of an enhanced mechanism that protects privacy and provides an alternative method for transatlantic data transfers. In the meantime, we continue to expect companies to comply with their ongoing obligations with respect to data previously transferred under the Safe Harbor Framework. We also encourage companies to continue to follow robust privacy principles, such as those underlying the Safe Harbor Framework, and to review their privacy policies to ensure they describe their privacy practices accurately, including with regard to international data transfers. Updated: November 6, 2015.