New on INCYDER: EU Court Finds EU-US Personal Data Transfers Not Safe Enough

An INCYDER analysis on the milestone judgment of the Court of Justice of the European Union (CJEU) in the case of Maximillian Schrems vs Data Protection Commissioner notes the invalidation of the EU-US Safe Harbour Commission decision. The INCYDER team evaluated first reactions to the verdict and presents possible practical consequences in their newest analysis.

The court stated that the EU Commission did not determine whether the US in fact ensures a level of personal data protection equivalent to that guaranteed in the EU. It was highlighted that the Safe Harbour decision which was initially provided to more than 4000 companies such as Facebook, Google or Amazon does not impose sufficient legal limits on US government authorities accessing EU citizens’ personal data.

This practice thus interferes with the EU Charter of Fundamental Rights which determines in article 8 that “[e]veryone has the right to the protection of personal data concerning him or her.”

INCYDER is an interactive research tool focusing on the legal and policy documents adopted by international organisations active in cyber security. The collection of documents is periodically updated and supported by a comprehensive system of tags that enable filtering the content by specific sub-domains. INCYDER also features descriptions and news briefs about these selected organisations.