Don’t Just Fix Safe Harbor, Fix the Data Protection Regulation

Robert D. Atkinson December 18, 2015
December 18, 2015

U.S. and EU negotiators have been working tirelessly to craft a “Safe Harbor 2.0” to replace the now-nullified framework for how companies can easily share data to do business across the Atlantic. But the truth is that fixing Safe Harbor is like applying a bandage instead of curing the underlying ailment, writes Rob Atkinson in EurActiv. A better alternative would have been for the European Commission to do away with the “adequacy” standard in the EU’s new General Data Protection Regulation that was agreed upon this week, and to instead replace it with a duty-of-care provision. In short, when it comes to handling data, companies doing business in Europe should be responsible for the actions of both their agents and business partners, regardless of where they are located.