Monday, September 28, 2015

Dark clouds over Safe Harbor

I wrote about a year ago about an Ireland’s data protection case, in which an Austrian data protection activist Max Schrems challenged the Irish Data Protection Authority (DPA) to review how Facebook Ireland handles his personal data, in particular the transfer of personal data to the US.

The Irish DPA claimed that as Facebook is Safe Harbor certified, the DPA is bound by the European Commission (Commission) decision on Safe Harbor. During the proceedings, the judge has asked the Court of Justice of the European Union (CJEU) if national DPAs may conduct an independent evaluation of a third country’s level of data protection although the Commission has evaluated this third country as adequate. A few days ago, the Advocate General published his Opinion on the Case C-326/14.

Read more »