German privacy regulator fines three firms over U.S. data transfers
07 Jun 2016

A German regulator has fined three companies for still relying on a Safe Harbour agreement to electronically transfer personal data to the United States, despite the deal being declared invalid by the EU’s highest court last year on concerns about U.S. mass surveillance activities.

The Hamburg Data Commissioner said on Monday it had fined Adobe Systems, fruit juice maker Punica, a subsidiary of PepsiCo, and Anglo-Dutch consumer goods group Unilever a total of 28,000 euros ($32,000) for failing to set up alternative legal channels for cross-border data transfers quickly enough.

Companies that need to transfer personal data to the United States – be it for completing credit card transactions, hotel bookings or moving employee data – have been operating in a legal limbo since the Court of Justice of the European Union (ECJ) struck down the Safe Harbour pact last October, depriving them of the easiest means available under the EU’s strict data protection laws for authorising data transfers.

For 15 years the Safe Harbour agreement had allowed companies to store data about European Union citizens on U.S. servers by stating that they complied with EU data protection standards.

Adobe was fined 8,000 euros, Punica 9,000 euros and Unilever 11,000 euros.

You can claim CPD minutes for this content, by signing up to our CPD Wallet


You must be logged in to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.