Brussels, BELGIUM — The Court of Justice of the European Union (CJEU) delivered its final ruling this morning in the case “Schrems Vs the Data Protection Commissioner.” The high court decided to invalidate the 15 year old EU-U.S. framework for commercial data transfers, the Safe Harbor. More than 4,000 European and International companies are Safe Harbor participants. EU and U.S. negotiators are reported to be close to finalising a new Safe Harbor framework.
The ruling creates uncertainty over how companies can conduct their day-to-day commercial data transfers between Europe and the rest of the world. The majority of Safe Harbor participants are small and medium-sized enterprises. A disruption of trade in services and cross-border data flows could reduce EU GDP by up to 1.3 percent (ECIPE, 2013).
The Computer & Communications Industry Association represents companies that depend on predictable rules for cross border data flows.
The following can be attributed to CCIA Europe Director Christian Borggreen:
“The ruling creates uncertainty for the European and International companies that rely on Safe Harbor for their commercial data transfers, most of which are small and medium-sized enterprises. We expect that a suspension of Safe Harbor will negatively impact Europe’s economy, hurt small and medium-sized enterprises, and the consumers who use their services, the most.”
“We urge the European Commission to immediately issue guidance to companies that depend on Safe Harbor for their commercial data flows.”
“We encourage EU and U.S. negotiators to quickly present a new, safer Safe Harbor framework to ensure predictable rules to the benefit of European consumers and companies, addressing the concerns of the court.”
“It is imperative that the EU does not become a disconnected island in a global digital economy.”