Transatlantic Digital Dialogue

Navigating the Post-Safe Harbor Waters

A month after the European Court of Justice handed down its ruling invalidating the EU-US Safe Harbor framework, the German Marshall Fund of the United States's Berlin office invited US Federal Trade Commissioner Julie Brill to address data privacy to kick off a newly relaunched series of discussions the institution is calling Transatlantic Talks. She argued that Europeans had missed the resulting "robust conversation" that took place over data privacy in the US. View

Striking Down the Safe Harbor Agreement

With a cornerstone decision for the future of data transfers and the world's digital economy, the Court of Justice of the European Union, following the proposal of the Opinion of its Advocate General, has declared null and void the Safe Harbor Agreement, the regulatory scheme that governed (digital) data transfers between Europe and the US for the past 15 years. Although this decision may not have been made for the most crucial reasons, nonetheless it is a step in the right direction. View

The Transatlantic Internet: A New Geo-Economic Frontline

For almost a generation, the US-EU Safe Harbor agreement has been the transatlantic digital passport that allowed 4,400 US tech companies to provide services to Europe’s 500 million consumers. But an Oct. 6 decision by the European Court of Justice smashed that little-known, but extremely important fifteen-year-old agreement and opened up questions about the future of the thriving transatlantic digital corridor that allowed trillions of dollars of interactions. View

EU-US Safe Harbor Invalidated: What Now?

Kurt Hunt and Adam Vernick, associates at the American law firm Dinsmore, have written about the implications of the recent invalidation of the EU-US Safe Harbor Framework following a decision from the CJEU. "As a result, companies that transfer the personal data of European Union residents into the United States now face significant uncertainty about the legality of their data transfer practices." View

Memo 49: Creating Cloud Norms While Keeping Innovation Alive

Memo 49: Our Cloud Theme Week looked at the ways in which current regulation on Cloud technology has fallen short or lagged behind innovative technological growth. As part of our new project "Transatlantic Digital Dialogue" we published five articles (February 9 – 13) on Cloud computing and its increasingly important role in business and consumer applications. View

Transparency and Clear Guidelines Can Help Regulators through the Fog

Cloud computing continues to grow and expand in use. But its inner workings -- the movement and properties of data within the cloud -- are opaque. Despite the existence of service level agreements, and some management tools (depending on the service model), there is often little scope for tenants, let alone end-users, to determine what happens inside a cloud service. The crucial next step in cloud evolution is transparency. View

The Integrated Approach to IT, Law, and Regulation

Cloud solutions are a major factor that could reduce infrastructure expenses and generate added value for countries and companies. Using an Integrated Approach we have opportunity to make Cloud technologies friendly and safe and to develop new opportunities for EU information storage and management while keeping the right balance between benefits and risks. View

Fast Technological Evolution Calls for Fast Law Development

Cloud computing is appearing to be the prevailing technological standard adopted by more and more companies and individuals across the world. This fast expansion of the Cloud naturally also calls for comprehensive and realistic regulation. However, without a useful working definition of the Cloud between the US and EU, and ways to measure tech trends economically, regulators will continue to fall behind the growth curve. View

Information Security: Governments, Jurisdictions and Privacy Regulations

As pressure from regulatory compliance increases, the modern Chief Information Security Officer (CISO) must take a progressively integrated and holistic approach towards information risk management. Organizations may have little or no control over the movement of their information, as cloud services can be provided by multiple suppliers moving information between data centers scattered across the globe. By implementing strong information security measures, the CISO is more likely to stay ahead of regulatory mandates. View

Data Protection and Privacy Law - Where Regulators Are King?

Across the world, data protection and privacy law is in a phase of rapid growth. As we move closer to the internet of things, living in a world of wearable tech, smart homes and smart cities, where every device is potentially personal and at the same time, universal, society must decide what rules should govern this world. What information should be considered personal data? View