Originally published by ACC Docket.

The Nuts & Bolts of the EU Safe Harbor

By Brett Tarr

The European Commission's Directive on Data Protection went into effect in October 1998, and prohibits the transfer of personal data to non-European Union nations that do not meet the European "adequacy" standard for privacy protection. While the United States and the European Union share the goal of enhancing privacy protection for their citizens, the United States takes a different approach to privacy from that taken by the European Union.

One of the most significant effects of increased online trading between Europe and the United States is the growing concern about privacy and data protection. There is no general agreement between Europe and the United States in the area of ecommerce and likewise, there is no specific agreement between the European Union and the United States on jurisdiction and applicable law in civil matters. Although the current consumer data privacy protection principles of the European Union and the United States are both founded upon the Guidelines on the Protection of Privacy and Transborder Flows of Personal Data issued in 1980 by the Organization for Economic Cooperation and Development, they are based on different approaches. The United States uses a mix of legislation, regulation and self-regulation.

To read the full article, click here.