• Contact Us

Information Law Update - US Safe Harbor Provision Suspended

on Friday, 13 November 2015.

The European Court of Justice has recently ruled that the legal basis used by many organisations for the transfer of personal data to the US is invalid.

In a case brought against Facebook by an Austrian citizen, Max Schrems, it has said that the Safe Harbor arrangements do not provide adequate protection for the privacy of EU citizens.

This case will have a significant impact in the UK. It affects not only those with US operations or joint ventures, but all organisations that use outsourced services using US-based servers. This may include payroll administration, CRM systems, cloud storage, email and website services (eg, online booking) and certain outsourced marketing services.

What does this mean for further education (FE) colleges in the UK?

The consequence of the ruling is that colleges that currently rely on the Safe Harbor provision will need to review how they ensure that they transfer data to the US in line with the law in the UK. In light of the ECJ ruling, many will now be operating in breach of the Data Protection Act.

The Information Commissioner's Office has indicated in its initial response that it recognises that it will take some time for organisations to carry out those reviews and put new systems in place. That is welcome since it means that there is no immediate threat of enforcement action for non-compliance in this respect.

However, if your college transfers personal data to the US, including by using such tools as Google Drive, Microsoft 365 or other cloud storage, we strongly recommend that you review your position as a matter of some urgency.

To discuss how our experienced data protection team can help you, please complete our form below.

Get in Touch

First name(*)
Please enter your first name.

Last name(*)
Invalid Input

Email address(*)
Please enter a valid email address

Please insert your telephone number.

How would you like us to contact you?

Invalid Input

How can we help you?(*)
Please limit text to alphanumeric and the following special characters: £.%,'"?!£$%^&*()_-=+:;@#`

See our privacy page to find out how we use and protect your data.

Invalid Input