A recent case, brought before the European Court of Justice (ECJ) regarding the security of EU citizens’ personal data stored on Facebook’s US based servers, has led to a significant change in EU policy.
The ECJ Safe Harbour ruling
In 2000, the EU and USA introduced the Safe Harbour agreement that allowed US firms to transfer personal data from European servers to those in the USA, provided that the data stored in the US had the same privacy protection for EU citizens as data stored in the EU.
However, concerns regarding the US government’s snooping of data on US based servers have brought an end to the agreement. On 6th October, the ECJ ruled that, as US national security requirements prevailed over the Safe Harbour agreement, the US could, if necessary, access any data stored on US servers. As a result, it ruled that Safe Harbour no longer offered adequate protection to EU citizen’s personal data and was, therefore, invalid.
Implications for UK businesses that use cloud storage
The ruling by the ECJ will have an effect on any organisations which store personal data on US servers, principally because that data is not currently deemed as adequately protected. This includes UK businesses which use web hosts or cloud services that store their data on US based servers.
There is no need, in the short term, for companies to make huge changes to their current set up. Negotiations are taking place to find ways to revise the Safe Harbour agreement and guidance for businesses and other organisations will be updated once the review has concluded. How that new guidance will impact on businesses and organisations remains to be seen. In the meantime, US based cloud storage companies will be looking at ways to update their procedures to comply with the change in EU legislation.
Over the longer term, things may change significantly. Differences in attitudes to data protection exist within the EU as well as between the EU and other countries and it could result in different EU countries adopting their own data protection legislation. If this happens, the complexity involved in having to comply with multiple data protection laws makes it increasingly likely that more companies will host their personal data on servers based within their own country. Some non-EU countries, like Russia, already legislate for this.
Peace of mind for eUKhost clients
If you are an eUKhost client or are considering purchasing cloud services from us, you can be assured that the invalidation of the Safe Harbour agreement will not affect you at all. All the data stored on eUKhost cloud, VPS & dedicated servers is completely located within the UK at our facilities in Leeds, Reading and Nottingham. We do not store, transfer or backup data in any other country.
Latest posts by Asher Ross (see all)
- 7 WordPress Functions Most Beginners Don’t Know About - September 21, 2016
- 9 Ways the Internet of Things Will Affect Your Business - September 6, 2016
- How to Source Free Images for Your WordPress Site - August 10, 2016