Should We Worry About Safe Harbor Being Suspended Because Of The NSA’s PRISM Program?

Author:Ms Susan Foster
Profession:Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.

(LONDON) Various data protection power players have called for the suspension or curtailment of the US Safe Harbor program ever since the Snowdon revelations that the US NSA has required large internet service providers such as Google to provide vast amounts of personal data transmitted by individuals in Europe (and elsewhere).

As many of you will know, the US Safe Harbor program is a voluntary program overseen by the FTC that allows US companies to meet EU requirements for data protection, thus facilitating transfers of personal data from the EU to Safe Harbor-listed companies in the US. The rationale for suspending the Safe Harbor program seems to be that Safe Harbor participants are practically unable to comply with EU data protection requirements because they have to comply with US government subpoenas that are contrary to European law.

Suspending Safe Harbor-based data transfers would be very disruptive to European and US companies that rely on it to conduct business - although there are alternatives that could be put in place fairly quickly by those companies, such as EU-approved model contract clauses.

That all sounds pretty alarming. However, while the EU Parliament has some very vocal opponents to the NSA's PRISM program who see the Safe Harbor program as a point of leverage against the US, there are a number of reasons why Safe Harbor is unlikely to be suspended:

There are other very weighty political considerations, including larger trade relationships and intelligence-sharing arrangements between the EU and the US. EU politicians and bureaucrats charged with looking after those relationships and arrangements may be less vociferous...

To continue reading