Daily DashboardEuropean Data Protection Digest

Privacy Group: Safe Harbor Certification Does Not Guarantee Compliance

DATA PROTECTION—EU & U.S.

May 26, 2010

The Düsseldorfer Kreis, an informal group of Germany's private sector data protection entities, is cautioning that even if U.S. companies are part of the Safe Harbor data protection agreement, European companies should not take their word on compliance with EU privacy requirements. OUT-LAW.com reports that the group instead urges EU firms to conduct their own reviews of U.S. companies certified under Safe Harbor as complying with similar privacy standards to those enforced in the EU. "At the very least, the exporting company must clarify when the Safe Harbor certification of the U.S. company was issued," the Düsseldorfer Kreis recommends, noting that, "Any certification older than seven years old is not valid."
Full Story