European Union data protection laws prohibit the transfer of personal information to non-member countries unless they provide adequate protection for that information. Canada is deemed to be a country that provides adequate privacy protection, based on its Personal Information Protection and Electronic Documents Act (PIPEDA).
The US does not have federal legislation comparable to PIPEDA or EU laws, so the US government and the European Commission negotiated a safe-harbour framework of principles to permit US-based organizations subject to Federal Trade Commission or Department of Transportation jurisdiction to self-certify that they provided such protection for information transferred from the EU. In 2000, the European Commission declared that organizations that adhered to the safe-harbour principles adequately protected personal information and the framework has since been widely used to facilitate transfers from EU countries to the US.
In early October 2015, the EU Court of Justice struck down the European Commission’s decision. The court found that the decision did not find that the US as a country ensures an adequate level of protection for personal information and that the safe-harbour principles apply only to certain organizations that choose to adhere to them. Governmental authorities could override the protections by operation of national security laws, without sufficient oversight to ensure the protection of the privacy rights of EU citizens under EU laws.
You must be a
subscribersubscribersubscribersubscriber
to read this content, please
subscribesubscribesubscribesubscribe
today.
For group subscribers, please click here to access.
Interested in group subscription? Please contact us.
你需要登录去解锁本文内容。欢迎注册账号。如果想阅读月刊所有文章,欢迎成为我们的订阅会员成为我们的订阅会员。
79 Wellington Street West, 30th Floor,
Box 270, TD South Tower
Toronto, Ontario M5K 1N2 Canada
Tel: +1 416 865 3688
Fax: +1 416 865 7380
Email: info@torys.com
www.torys.com
