Peer to Peer Magazine

Winter 2015

The quarterly publication of the International Legal Technology Association

Issue link: https://epubs.iltanet.org/i/624538

Contents of this Issue

Navigation

Page 50 of 71

PEER TO PEER: THE QUARTERLY MAGA ZINE OF ILTA 52 FEATURES Please give us some background about Schrems: Gayle: Maximillian Schrems is an Austrian student who brought an action against Facebook because it had transferred data from Ireland, their primary server base in Europe, to the U.S. After all the Snowden revelations, Mr. Schrems was concerned that his data were being accessed by unknown people, and not being kept secure according to European data protection law, which says you can't transfer data outside of the European Economic Area (EEA) unless you put certain protection in place. The protection Facebook chose to use is Safe Harbor, which was originally agreed upon by the European Commission. The Schrems decision said Safe Harbor doesn't do a good enough job of keeping data safe, making the Commission's decision invalid. If businesses can't use this as a basis for data transfers anymore, it could be a problem. Where does that leave multinational organizations and other companies using U.S.-based hosting systems or dealing with U.S. businesses? Jason: Because of the invalidation of Safe Harbor, businesses need to act quickly if that was the primary basis on which they were transferring data. The questions are: • Are you transferring data between U.S. and non-U.S. organizations? • What was the legal mechanism used to protect the data? If you used Safe Harbor, you need to look at alternative means of protection. The main ones people are looking at are model clauses, which need to be put into your contract. These are clauses you can negotiate and that have been agreed upon and signed off on by the Commission. On October 6, 2015, the Court of Justice of the EU published its judgment in C-362/14 (Maximillian Schrems v Data Protection Commissioner), declaring the commission's "safe harbor" decision to be invalid. At ILTA's 2015 INSIGHT event in London, Gayle McFarlane of Cordery and Jason Rix of Allen & Overy LLP explored the basis of the court's judgment, practical and legal implications, and steps to be taken to mitigate risks in light of the judgment. Here is some of their post-session interview on the topic. Hear their entire interview at insight.iltanet.org.

Articles in this issue

Links on this page

Archives of this issue

view archives of Peer to Peer Magazine - Winter 2015