Business News Digital Labels & Publishers Legal

European court rules another kind of safe harbour invalid

By | Published on Wednesday 7 October 2015


Given how much the music industry has been banging on about safe harbours of late, you might have thought there’d been a big development yesterday with the news that the European courts had passed a ruling declaring a safe harbour deal invalid. But, alas, it’s not that kind of safe harbour. It’s another safe harbour. Who knew so many harbours were safe?

This case related to data protection and privacy law, and a ‘safe harbour’ agreement between the European Union and the US that allows companies to transfer data from one to the other, with both sides ensuring basic data protection principles are met.

This particular safe harbour was tested when an Austrian law student made a complaint to the Irish data protection commissioner about Facebook – which has its European base in Ireland – moving data about its EU customers over to its US servers. In the wake of the revelations that stemmed from documents leaked by Edward Snowden about the US National Security Agency’s surveillance programmes, Max Schrems argued that US law doesn’t provide sufficient data protection for European web-users.

The Irish authorities rejected the case pointing to the safe harbour agreement, which dates from 2000, but Schrems took the matter to the European Court Of Justice, which yesterday ruled the data sharing pact invalid. The court agreed that the safe harbour deal doesn’t sufficiently protect the data and privacy rights of European citizens. As a result of the ruling, the Irish data commissioner must now reconsider Schrems’ complaint.

Quite what this all means for companies like Facebook, which routinely store data from European subscribers in the US, remains to be seen. Though the European Commission’s Frans Timmermans said: “We have already been working with the American authorities to make data transfers safer for European citizens”.

He went on: “In the light of the ruling, we will continue this work towards a renewed and safe framework for the transfer of personal data across the Atlantic. In the meantime, transatlantic data flows between companies can continue using other mechanisms for international transfers of personal data available under EU data protection law”.

Meanwhile Schrems himself said: “This decision is a major blow for US global surveillance that heavily relies on private partners. The judgement makes it clear that US businesses cannot simply aid US espionage efforts in violation of European fundamental rights”.

But does this ruling bode well at all for the music companies that want a totally different set of safe harbours revised and reduced? No, it has no relevance at all. But if it makes this dreary Wednesday any easier to deal with for all your safe harbour haters in the music industry, then let’s pretend it does.