Privacy regulators in the European Union (EU) may restrict US/EU data transfers unless negotiators reach a deal that satisfies EU data security and privacy concerns by January 31, 2016. Late last year, the European Court of Justice invalidated a Safe Harbor agreement between the US and EU due to concerns about US surveillance practices. The decision about whether to restrict data transfers will be made at a February 2, 2016 plenary meeting of the Article 29 Working Party
-http://thehill.com/policy/cybersecurity/266572-eu-regulators-could-freeze-safe-h
arbor-alternatives
-http://www.csmonitor.com/World/Passcode/2016/0120/What-the-end-of-Safe-Harbor-me
ans-for-the-digital-economy
-http://www.reuters.com/article/us-eu-dataprotection-usa-idUSKCN0UY2Y7
[SANS Editor's Note (Murray): The Safe Harbor agreement was invalidated because it left the citizen whose privacy was violated "no recourse," such as is provided to him under European law. He probably would not even have the recourse that an American citizen would have, a right to sue. Americans have not been very successful in suing because of the difficulty of showing damage. No such showing is required for resource under European law. It seems unlikely that we will grant a remedy to European citizens a remedy that is not available to our own. (Liston): The biggest sticking point in the negotiations around this deadline comes down to a fundamental difference in the level of "damage" that must shown in order organizations to be liable for information disclosures. I sincerely doubt the US will bow to pressure to lower the "damage bar" for lawsuits from the EU. ]
No comments:
Post a Comment