Diese Seite teilen: 

The Commission has failed to ensure a solid data protection framework for the transfer of EU citizens' data to US companies. As a result citizens and businesses alike are left with an unclear legislative patchwork after today's ruling of the EU Court of Justice declaring the Commission adequacy decision invalid, says Civil Liberties Committee Chair Claude Moraes, calling for immediate action from the Commission to provide clarity and proper data protection standards for data transfers to the US.

Statement from Civil Liberties Committee Chair, Claude Moraes (S&D, UK), after the European Commission's initial response to the Safe Harbour ruling:

"The Commission's initial response to the European Court of Justice decision to invalidate the Safe Harbour agreement is disappointing as it lacks any real concrete update on what it intends to do regarding replacing the Safe Harbour framework.

Despite the fact that the Commission has been in negotiations with the US on reform of the Safe Harbour for nearly two years, we have still not received any update on the negotiations or the impact that this decision will have on the discussions. Given that the European Court of Justice has invalided the Safe Harbour framework immediately, it is also regrettable that the Commission has not specified a timeframe for the conclusion of these discussions.

It is unfortunate that the Commission did not follow up on the European Parliament's repeated calls to suspend the Safe Harbour framework as this would have allowed it to implement transitional measures over a period of time. Instead, as the European Court of Justice ruling takes effect immediately, the issue has become urgent resulting in the need for the Commission to provide immediate clarity to companies who are uncertain as to how they can continue to transfer EU citizens' data to the US as well as to provide guidelines to the national data protection authorities.

Of course, the flow of EU citizens' data will continue and there are other alternatives that business can use, including standard contractual clauses or binding corporate rules. This shows that the judgement will not result in a dramatic stop to data flows across the Atlantic with serious economic impact - instead it shows that it is possible to continue with data transfers and at the same time implement a framework that will protect EU citizens' data when being transferred to the US and ensure they have equivalent safeguards to those that exist in the EU.

Both the message from the European Parliament and from the European Court of Justice have been clear: the Safe Harbour framework does not protect European citizens private data when being transferred to the US as the EU Charter and EU law require. Now the responsibility to remedy this solution is with the Commission. It must act without delay to fill this void".

Note to editors


The 2000 Safe Harbour agreement allows companies to transfer European citizens' private data to the US if they vouch for adequate privacy protection as set out in the agreement. More than 4000 companies currently use Safe Harbour for the transfer of data, including firms like Facebook, Google and Microsoft.

Following a complaint by Austrian citizen Max Schrems, the European Court of Justice on Tuesday 6 October declared that the Commission's Safe Harbour decision is invalid. The verdict follows the opinion of the advocate general issued on 23 September 2015.

In his complaint, Mr Schrems argues that the Snowden revelations of the NSA data collection programme PRISM which sees EU citizens' data held by US companies passed on to US intelligence agencies brings into question the adequacy of the data protection rendered by Safe Harbour.

Following Snowden's revelations, the European Commission in November 2013 issued 13 recommendations to restore trust in safe harbour and make it safer.

The European Parliament has repeatedly called for the suspension of Safe Harbour, most recently in its 2014 resolution on the surveillance carried out by the NSA.