The European Court of Justice (ECJ) has overturned the so-called Safe Harbor agreement between the European Commission and the United States. "This is an important step for data privacy and protection in Europe," says Thomas Kremer, Member of the Board of Management for Data Privacy, Legal Affairs and Compliance.
The ruling was eagerly awaited because of its impact on the entire Internet business economy.The judges in Luxembourg ruled that the personal data of Internet users in Europe is not adequately protected from access on the part of government agencies in the United States. The European Commission (EC), according to the ruling, did not have the authority to limit the powers of the national data protection agencies.
Violated basic rights
And a clause that allowed agencies to access the content of electronic communication was, according to the court, a breach of basic personal privacy rights. The court also ruled that a person's basic right of legal protection was also violated if Internet users have no way of accessing their personal data, or are unable to demand the modification or deletion of this personal data.
Declaration of voluntary compliance
The EC introduced the Safe Harbor agreement with the United States 15 years ago to govern the transfer of personal data from countries in the European Union (EU) to the United States. Since then it was possible to send the personal data of EU citizens – such as place of birth or e-mail address – to business enterprises headquartered in the United States if these enterprises agreed to comply with the principles of Safe Harbor. A declaration of voluntary compliance with the Safe Harbor Principles on the part of U.S. enterprises was considered an "adequate level of data protection" at the time.
“Important step for data privacy”
Deutsche Telekom welcomes the ruling of the Luxembourg court: "This ruling is an important step for data privacy and protection in Europe," says Thomas Kremer, Member of the Board of Management for Data Privacy, Legal Affairs and Compliance. "The Safe Harbor agreement between the EU Commission and the United States is not viable in its current form. The European Court of Justice has clearly determined that European citizens' data is not adequately protected in the United States. We need the European General Data Protection Regulation to be implemented quickly to ensure that companies abroad comply with Europe's high data privacy standards."