What’s the use of a court ruling if everyone ignores it?
This is the dilemma facing Germany’s regional data protection authorities following a ruling by the European Court of Justice (ECJ) overturning the Safe Harbor agreement with the U.S.
Earlier this month judges ruled that transferring personal data to the U.S. – previously allowed under Safe Harbor – is now illegal. That’s because once it lands in U.S. servers, data is not sufficiently protected against government snooping.
In fact, the ruling should have immediately stemmed the flow of data to the U.S.
Yet it’s being roundly ignored in Germany – for now.
According to the Chambers of Industry and Commerce in two German states, North Rhine-Westphalia and Baden-Württemberg, few if any companies have reacted by stopping data flows.
At a meeting of German data protection authorities on Wednesday, most states agreed to observe a transition period.
During this period, companies are to look for alternatives business practices which avoid transferring data to the U.S. Only after this grace period will enforcement measures kick in, including possible fines of up to €300,000.