What’s the News?
Following the European Court of Justice’s decision to invalidate the safe harbor framework, multinational businesses have been clamoring for guidance regarding how best to comply with European Union data protection laws while transferring data from the EU to the United States. While regulators are actively working to develop a “Safe Harbor 2.0”—with some speculating that draft legislation may be finalized as early as mid-December 2015— no such framework has been released. Further, it has been widely recognized that all data transfers taking place based upon a previous reliance on the framework are now in violation of EU law unless a separate transfer rationale exists. Given these concerns, several EU data protection authorities (DPAs) have spoken out with some guidance.