What is Safe Harbour and how does it affect you as a customer of Signable?

The Internet was awash on Tuesday when countless blogs and news websites reported on the fact that a longstanding agreement, between the EU and the USA, called Safe Harbour, was ruled as invalid with no chance for appeal. This agreement has existed for 15 years and is used by nearly 4,500 USA companies to avoid having to process data within the EU for their EU based customers. This doesn’t just affect technology companies, this also includes international companies that have EU and US employees, however for the sake of this article I will focus on the technology side of things.

 

I won’t repeat what has been reported elsewhere however the crux of it is that US companies can no longer transfer data, on EU citizens, from the EU to the USA. Not without breaking privacy and data protection laws.

 

Why was Safe Harbour initially introduced? What was it meant to protect?

As companies grew and spread their wings, becoming ‘International’ became inevitable. With technology companies this tended to be US companies setting up a EU base, traditionally in Dublin, Ireland. Some say it was for tax benefits however personally I feel it was for the better quality Guinness. There needed to be an easy way, for these companies to be ‘trusted’ with this EU data, without falling foul of the, stricter, EU data protection and privacy laws. Therefore Safe Harbour was setup and any US company that had qualified for Safe Harbour could move data between the EU and US freely.

What does this protect? Skeptics may say that this was just to protect the US companies, however ultimately it was to safeguard EU citizens data.

What has changed?

An Austrian privacy campaigner called Max Schrems started the ball rolling with this who in turn was influenced by the Edward Snowden revelations over the US National Security Agency (NSA) and how much data they were recording on anyone.
A case was brought forward by Mr Schrems against Facebook (as Facebook are a US company and store a large of amount of his personal data) in Dublin, Ireland as that was the EU headquarters of Facebook. He had a problem with how much access the NSA, and therefore the US Government, had over his private data, despite being outside of the US. The case was transferred to the European Court and the result of the case is what we see today.

OK, fine, how does this affect my data, as a Signable customer based in the EU?

Signable has always kept its data stored within the EU. At no point has your data been stored within the US. We fully comply with EU Data Protection and Privacy laws.

We are one of the largest electronic signature providers within the UK and, unlike our major competitors, who are based in the US and can store your data within the US, we will keep your data, safe, within the EU.

Author: Olly Culverhouse