Microsoft Exec Weighs In on Safe Harbor's Demise
After a recent court ruling invalidated the EU-U.S. Safe Harbor agreement, Microsoft's top lawyer calls for a new privacy-enhancing legal framework.On Oct. 6, the European Union's (EU) top court ruled that the Safe Harbor provision was invalid. The legal framework efficacy—it required U.S. companies to protect data belonging to Europeans—was cast into doubt after Edward Snowden, a former U.S. National Security Agency (NSA) contractor, leaked documents detailing the U.S. government's intelligence-gathering capabilities. Now, multinational companies and global cloud providers are in a holding pattern. Brad Smith, Microsoft's president and chief legal officer, noted today in a lengthy blog post that the court "struck down an international legal regime that over 4,000 companies have been relying upon not just to move data across the Atlantic, but to do business and serve consumers on two continents with over 800 million people." While the ruling is seemingly a setback for large cloud providers and online companies, many were prepared for the worst. Smith said, "Companies like our own that have put in place additional safeguards such as the EU Model Clauses will rely on and add to them, even while everyone discusses additional measures." Beyond the immediate legal and technical ramifications, "the collapse of the Safe Harbor reflects the remarkable evolution of privacy issues," Smith said. He calls for a new agreement that prioritizes data privacy.
"Individuals should not lose their fundamental rights simply because their personal information crosses a border," he stated. "While never stated quite this directly, this principle underlies every aspect of the European Court's decision, and it makes sense."