Safe Harbor Ruling Leaves Data Center Operators in Ambiguity

By Yevgeniy Sverdlik

The Safe Harbor agreement that provided a legal framework for the commercial movement of personal data between EU and US in compliance with European privacy laws, was annulled by the European Court of Justice, causing a lot of uncertainty for American companies. DataCenter Knowledge spoke with Cliff Moyce of DataArt who assessed the magnitude of the toll on international organizations as a whole, and cloud service providers in particular, reframing the issue of data transfer to the one of data access:

“While cloud service providers are the most obvious category of businesses affected by the ruling, it can be disruptive for any international organization that has some part of its operations in the EU. Such organizations, including banks, for example, will need to review their business processes, systems, controls, and agreements (including customer, supplier and personnel agreements) to ensure compliance for any data sharing and data transfer activity that crosses borders. The concept of ‘data transfer’ is an old-fashioned one. Today, data is accessed rather than transferred. Modern systems infrastructures mean that data can be accessed from anywhere. The secret to compliance is control of access, not control of ‘transfer.’”​

View original article or download PDF.