1. It only concerns personal data The Safe Harbor agreement was — until it was struck down by the Court of Justice of the European Union on Oct. 6 — a way to reconcile differences between U.S. privacy laws and the EU’s 1998 Data Protection Directive, which prohibits the transfer of Europeans’ personal information to countries with inadequate privacy protections. If all you’re shifting is production data or environmental measurements, then carry on as you were.
2. It’s not the only way to transfer data legally The directive provides other legal mechanisms under which businesses may transfer personal data outside the EU, whether to the U.S. or elsewhere, including model contract clauses, informed consent, and binding corporate rules. If you work for a multinational conglomerate, your company may have already established binding rules guaranteeing the protection of personal data transferred between different subsidiaries.