    
 
  
|
Safe Harbor
The European Commission’s Directive/95/46 on Data Protection would
prohibit the transfer of personal data to non-European Union nations
that do not meet the European “adequacy” standard for privacy
protection. The U.S. Department of Commerce in consultation with the
European Commission developed a "Safe Harbor" framework that
organisations can join to enable the transfer of personal data.
Benefits
- All 27 Member States of the European Union will be bound by the European Commission’s finding of adequacy.
- Companies participating in the safe harbor will be deemed adequate and data flows to those companies will continue.
- Member State requirements for prior approval of data transfers either will be waived or approval will be automatically granted; and
- Claims brought by European citizens against U.S. companies will be heard in the U.S. subject to limited exceptions.
How to join
The decision by U.S. organizations to enter the safe harbor is
entirely voluntary. Organisations that decide to participate in the
safe harbor must comply with the safe harbor's requirements and
publicly declare that they do so. To be assured of safe harbor
benefits, an organisation needs to self certify annually to the
Department of Commerce in writing that it agrees to adhere to the
safe harbor's requirements, which includes elements such as notice,
choice, access, and enforcement. It must also state in its published
privacy policy statement that it adheres to the safe harbor.
www.export.gov/safeharbor
|  |
|
