0370 270 6000

already registered?

Please sign in with your existing account details.

need to register?

Register to access exclusive content, sign up to receive our updates and personalise your experience on brownejacobson.com.

Privacy statement - Terms and conditions

'Safe Harbor' - not safe enough for cloud computing?

1 August 2012

Can you rely on Safe Harbor Certificates when transferring personal data to the USA? Not according to a recent EU opinion.

Companies planning to transfer personal data to the USA (e.g. when switching to a US based cloud computing provider) need to make sure they don’t breach their obligation not to transfer personal data outside the EEA without an adequate level of data protection.

Many US based cloud providers will claim that they can demonstrate this by holding 'Safe Harbor' certification.

A recent Article 29 Working Party Opinion raises concerns for those relying on this, making the point that companies should have adequate contractual protection in place as well as checking that the certification is both current and complied with.

This is sensible given the USA’s dominance of the sector, but will often place additional burden on buyers of cloud computing services.

We recently recorded some training on issues to look out for when moving to cloud computing, which you’re welcome to view here.

related opinions

Do you collect personal data from children, whether deliberately or by accident? If so you’d better read this…

If you provide goods or services online that might be of interest to children then you’re going to want to go through the ICO’s “Age Appropriate Design Code of Practice” - a code requiring minimum standards of any online service aimed (or which is likely to interest) children.

View blog

Beards: Smart or Not?

In Sethi v Elements Personnel Services Limited, the Employment Tribunal has considered the implications of dress codes on men.

View blog

Supreme Court provides comfort to public authorities facing village green applications

In a lengthy majority judgment accompanied by two powerful dissenting opinions, the Supreme Court found yesterday that land acquired and held for statutory purposes cannot be registered as a village green where that registration is incompatible with the statutory purpose for which it is held.

View blog

Retail woes extending beyond the property sector and into financial markets

Some commentators had anticipated that persisting retail sector challenges might disrupt more than the make-up of the high street or commercial property negotiations between landlords and tenants.

View blog

mailing list sign up



Select which mailings you would like to receive from us.

Sign up