0370 270 6000

already registered?

Please sign in with your existing account details.

need to register?

Register to access exclusive content, sign up to receive our updates and personalise your experience on brownejacobson.com.

Privacy statement - Terms and conditions

'Safe Harbor' - not safe enough for cloud computing?

1 August 2012

Can you rely on Safe Harbor Certificates when transferring personal data to the USA? Not according to a recent EU opinion.

Companies planning to transfer personal data to the USA (e.g. when switching to a US based cloud computing provider) need to make sure they don’t breach their obligation not to transfer personal data outside the EEA without an adequate level of data protection.

Many US based cloud providers will claim that they can demonstrate this by holding 'Safe Harbor' certification.

A recent Article 29 Working Party Opinion raises concerns for those relying on this, making the point that companies should have adequate contractual protection in place as well as checking that the certification is both current and complied with.

This is sensible given the USA’s dominance of the sector, but will often place additional burden on buyers of cloud computing services.

We recently recorded some training on issues to look out for when moving to cloud computing, which you’re welcome to view here.

related opinions

IR35 changes - six months and counting...

In his 2018 Autumn Budget, the then Chancellor, Phillip Hammond, announced a significant change to the way liability for IR35 breaches will be dealt with for private sector companies from April 2020.

View blog

Marriott International: a look behind the ICO’s £99m fine and what this means for corporate acquisitions

Last month, the Information Commissioner’s Office (ICO) announced notice of its intention to fine (NOI) Marriott International, Inc. £99m for infringements of the GDPR.

View blog

Supreme Court backs employers seeking to enforce restrictive covenants: Tillman v Egon Zehnder Ltd

The Supreme Court in Tillman v Egon Zehnder Ltd has determined that where post-termination restrictive covenants (i.e. “non-compete” clauses) in employment contracts go further than reasonably necessary to protect an employer’s business interests, it can apply the ‘blue pencil test,’ severing the offending words and leaving the remaining enforceable clause in place.

View blog

Discount rate remains negative

The much anticipated revision of the discount rate has arrived with the Lord Chancellor, David Gauke, announcing that it will be fixed at -0.25%.

View blog

mailing list sign up



Select which mailings you would like to receive from us.

Sign up