The significance of the rejection of the long-standing Safe Harbor agreement is undeniable, but it won't mean much if Microsoft loses its long-running dispute with the U.S. government over emails stored in an Irish data center. The Microsoft case revolves around the government's right to access emails stored on foreign soil, with Microsoft arguing that the United States' jurisdiction does not extend into Ireland. Should Microsoft lose its appeal, the message will be clear: Ownership of the data center, and not ownership of the data, will be the determining factor for government access. That means technology giants like Amazon and Microsoft will have no legal basis for denying access requests from the U.S. government, regardless of whether the data is, or has ever been, held within U.S. borders.
Companies need to establish a contingency plan in the event that Microsoft loses its legal battle with the U.S. government. Experts have already been discussing how the Safe Harbor ruling could be applied in this instance, claiming U.S. access to EU data violates a core right, but these arguments are purely theoretical. In the meantime, investment in private cloud infrastructure is necessary as long as data security and privacy are a priority. As government agencies try to expand their reach further than ever, only by confining key assets to an on-premise, private cloud can organizations best mitigate the risk of government intrusion.
In October, the European Union's highest court struck down the "Safe Harbor" Privacy Principles, a provision that allowed for the sharing of European personal data between the EU and U.S. The verdict is meant to preserve EU citizens' inherent right to privacy given the reality of U.S. national security laws, specifically The Patriot Act, which provide the NSA nearly unilateral access to data managed by U.S. companies.
While this may be a win for privacy advocates, it has left almost 5,000 companies with no clear solution for legally transferring data between Europe and the U.S. Temporary workarounds such as the use of Model Clauses are inefficient, and are currently operating in a legal grey area until regulators take a firmer stance on acceptable practices. In this slideshow, Accellion outlines the top five lessons businesses need to learn from Safe Harbor, as well as how they can apply them to their business strategy.