Paper Example. Safe Harbor Agreement

Published: 2023-02-23
Paper Example. Safe Harbor Agreement
Type of paper:  Essay
Categories:  Data analysis International relations Internet Cyber security
Pages: 7
Wordcount: 1792 words
15 min read

Safe harbor is a name given to the agreement made between the United States Department of Commerce and the European Union. The main aim of this agreement is to regulate how companies in the United States handle and export European citizen's data. This agreement ensured the safety of data transfer even across borders of the countries governed by this agreement. This essay discusses in detail on safe harbor agreement, the difference in American and European commitments to internet privacy, Ecj's decision and its impact on American companies, and the reason why they should meet European standards for privacy concerns.

Trust banner

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

A safe harbor agreement was established in 2000. Its main aim was to provide safety for data for everyone in the countries that reached the deal. In addition to this, the agreement required every company that used to collect personal data to inform every individual that their data was being gathered together. The agreement also required the companies to advise them on what their data was to be used for and ask them for their permission to share it with a third party. It also allowed people whose data had been collected to have access to it and change it if they want (Zinser, 2004). Still, it also provided protection and law that was enforced to make sure that nothing was violated for the principles set.

Difference between American and European Commitments to Internet Privacy Concerns

United States' approach to internet privacy is that it is not that strict in with its rules on data collection, use, and disclosure. For example, when promises made by a company to their client are not full filled, they penalize the company so the company can protect privacy by modulating the promises it makes. On the other hand, Europe is stringent and ensures that there are consequences to face if the rules are broken.

United States approach to privacy is realistic since it tries to weigh privacy and other interests. By doing this, it differs from the right European approach to privacy. United States' approach argues that there must be laws to be followed and if they will enforce it (Brkan, 2012). According to Europe, they approach it in another angle of having the principles in the safe harbor agreement put into place and not involve laws.

ECJ's Decision

ECJ are abbreviations that stand for the European Court of Justice. On 6TH October 2015, the ECJ declared the safe harbor invalid. To expand on that, the agreement that had been put between America and Europe for data protection was ruled to be put away. Despite America and Europe not being on the same side about privacy of people's data on the internet, the ruling was made without favoring any party. Therefore, the safe harbor agreement do no longer provide protection of any data for anyone. ECJ's decision was brought about by a case that had been presented. The case was filled by an Australian citizen who claimed that his privacy had been violated. He filled his lawsuit against Facebook. Therefore, after a thorough investigation of the case, they found out that authorities in the United States had unrestricted access to transfer data, which is personal to everyone. This led to the termination of the agreement (Cohen, 2015). This is because if the deal is supposed to protect personal data and on the other hand, they get offended by being violated for having their data accessible, then it had to be ruled to be invalid.

However, the decision led to many country's to protect data for their citizens using their ways. Moreover, it also made the European data protection authorities to stop all data transfers that were under the safe harbor agreement. Therefore, putting away this agreement left no choice but stressful time in finding ways in which data privacy could be achieved though there is an alternative to using model clauses. Although it has not been approved yet, in case it does, it could solve the issue of having personal data on the internet with no protection. Besides, the United States' rights seem to make it difficult to reach adequate levels of data protection. Therefore, ECJ's decision consequences are tough to run away from. The only option left is to deal with the situation and try to find a way to get personal data on the internet to be safe.

Moreover, ECJ's decision also could have led to the fragmentation of the internet, thus causing great harm to the digital market in Europe. Therefore, this could have affected many businesses. Nowadays, most of the jobs, activities, and such opportunities are primarily found on the Internet; thus, this could even have led the European economy to be at risk. Therefore most of the companies that transferred data from Europe to the United States could no longer rely on the safe harbor agreement, and they faced the issue of how they would operate. For example, banks and internet firms. This posed a high risk of loss for companies relying on information and technology to work.

ECj's decision also could lead to the creation of barriers that block the flow of data in Europe. The reason is that ECJ allowed 28 national data protection authorities that must check and review standards of privacy on data protection of other countries, not in Europe. Therefore, by doing this, they may wrongfully interpret the rules of confidentiality, thus creating a scenario where it may be transferred to the United States (Kerlin, 2006). Therefore, by doing this, it could lead to no data flow in Europe.

Impacts of CJ's Decision on American Companies

Companies in America that used to work with others in Europe face the risk of going losses since most of the companies have been relying on the internet for digital business and transfer of files. To expand on that, the digital platform for ecommerce plays a significant role in ensuring that products and services are offered. Therefore having no one to protect their data that is transferred online, it is kind of cumbersome for them since they have to look for other companies that can offer data protection. Also, they get these companies to have an agreement with the General Data Protection Regulation in the European Court of Justice. For them it is costly. Thus, having to cater to the protection of their data is an added burden on them (Voigt & Von' 2017). Therefore If the United States and Europe could have another safer agreement that favors both sides, it could help these companies in a big way.

Another Impact is having data of these companies be at risk of being interfered with, distorted, or even stolen. Therefore, they have a big task of protecting their data when being transferred into Europe since any data getting into the region must be checked and reviewed for privacy standards. This poses a very high risk for companies trying to transfer data that is confidential. Therefore, most of the internet firms find it hard to operate in Europe, and those working in America prefer not to get involved with any business in Europe (Kerlin, 2006). This, in a way, limit their operation and can pose a risk of the companies underperform.

Reason Why We Should Meet European Standards for Privacy.

One of the reasons is that it provides protection of private information and can keep it safe. The European standards of privacy have made sure that any sensitive information is protected under the General Data Protection Regulation. By doing this, it shows that anyone or an organization can violate no one by having used your data. Therefore, it is right to say meeting their standards can be advantageous to us for our data safety.

Another reason is that it gives one the power to do whatever they want with their data. If they're going to update it, erase it or even change. This provides control of people over their data. Thus, meeting their standards can be a great deal since one will able to have control of their data.

European standards for privacy have also made the transfer of data more efficiently. To expand on this, they have created a platform in which anyone can check what information any organization has on them. Also, this check which companies have collected your information. They have also made it easy for data transfer between platforms (Rauhofer & Mac, 2014). They are thus meeting their standards very essential so as not to miss out on such a service.

Moreover, they have raised the standards of protection higher than the safe harbor agreement had. When new rules are set, they are set to be better than the previous ones. Thus, data is more reliable under their laws (Rauhofer & Mac, 2014). This is another reason as to why meeting their standards can offer a good deal of having personal data being safe.

The organization has put in place a way to always notify someone when they have been breached. Since cyber-attacks and crimes still exist, they pose a high risk of getting our data being interfered with. Thus, being notified every time someone tries to interfere with our data, it is an advantage to us (Rauhofer & Mac, 2014). Therefore meeting their standards is a significant advantage to us.

Therefore, having to know that safe harbor was an agreement between the United States and Europe on data protection, it is clear to say it was not right to rule against it. Moreover, the court saw it better that way to give people an organization that can even lead to their data being violated. Thus, the impact of the ruling had severe consequences for companies in both America and Europe. However, having to meet Europe standards of privacy is very vital since the organization put into protecting personal data meets their needs.


Zinser, A. (2004). International data transfers between the United States and the European Union: are the procedural provisions of the Safe Harbor solution adequate? Computer Law & Security Review, 20(3), 182-184. Doi: 10.1016/s0267-3649(04)00034-2

Brkan, M. (2012). The Court of Justice of the EU, privacy, and data protection: Judge-made law as a leitmotif in fundamental rights protection. Courts, Privacy, and Data Protection in the Digital Environment, 10-31. Doi:10.4337/9781784718718.00009

Cohen, N. (2015). The Privacy Follies: A Look Back at the CJEU's Invalidation of the EU/US Safe Harbor Framework. European Data Protection Law Review, 1(3), 240-244. Doi:10.21552/edpl/2015/3/15

Kerlin, J. A. (2006). Social Enterprise in the United States and Europe: Understanding and Learning from the Differences. VOLUNTAS: International Journal of Voluntary and Nonprofit Organizations, 17(3), 246-262. Doi: 10.1007/s11266-006-9016-2

Rauhofer, J., & Mac Sithigh, D. (2014). The Data Retention Directive Never Existed. Scripted, 11(1). doi:10.2966/scrip.110114.118

Voigt, P., & Von dem Bussche, A. (2017). Practical Implementation of the requirements under the GDPR. The EU General Data Protection Regulation (GDPR), 245-249. Doi: 10.1007/978-3-319-57959-7_10

Cite this page

Paper Example. Safe Harbor Agreement. (2023, Feb 23). Retrieved from

Request Removal

If you are the original author of this essay and no longer wish to have it published on the SpeedyPaper website, please click below to request its removal:

Liked this essay sample but need an original one?

Hire a professional with VAST experience!

24/7 online support

NO plagiarism