European Safe Harbor ruling update and Google Apps
Hello Apps Administrator,
Please note that the update below is relevant only if you process personal data and European Data Protection laws apply to that processing. This will often be the case if your business is based in the European Union. If you are unsure whether this applies to you, we suggest you seek advice from legal counsel.
On October 6, 2015, Europe’s highest court declared that the decision of the European Commission regarding the US-EU Safe Harbor framework―one of the legal mechanisms that enables the transfer of personal data from the EU to US companies―is invalid, on the basis that Safe Harbor doesn’t provide an adequate level of protection for personal data originating in the EU.
Through 2015, the European Commission and the US have been negotiating a revised Safe Harbor agreement that should address these concerns, but they were not able to finalize the agreement before the court issued its ruling. Both the Commission and the US have committed to finalizing the revised agreement as soon as possible.
In the meantime, we’d like to reassure you that we offer a compliance alternative to the Safe Harbor framework, and our records show that your organization has already adopted this option. Specifically, we offer a data processing amendment and model contract clauses as an additional means―beyond the Safe Harbor framework―of meeting the adequacy and security requirements of the EU Data Protection Directive. Model contract clauses were created specifically by the European Commission to permit the transfer of personal data from Europe.
We are committed to helping our customers address their regulatory compliance needs in this area, and we thank you for entrusting your data to Google.
If you have additional questions, please contact your Google representative or Google Apps Support.
The Google Apps Team