Earlier in the week the EU and the USA 'hammered' out a framework that is supposed to replace the invalidated Safe Harbor agreement.
 
You can find the EU press release here, which includes a good summary of events, too. 
Earlier I recorded my quick take while (how appropriate) being in Europe - take a look:
 
 
 
No time to watch - here are the takeaways:
 
  • Not too much progress - Many elements (e.g. yearly review) was part of Safe Harbor, too. Now the EU has in writing that the USA will not by default do 'en masse' data espionage.
     
  • Long road - The agreement was massive time pressure to be drafted, as enterprises and vendors were not in compliance since October 6th 2015 decision by the EU High Court. On Wednesday the data privacy expert of all 28 EU members reviewed it and gave themselves some time to digest the proposal. It will have to pass all 28 country parliaments, which by itself is a Herculean task.
     
  • No certainty - It is likely that privacy activists like the famous / infamous Max Schrems will keep suing and probably challenge this agreement, too, which creates uncertainty for enterprises and vendors.
     

MyPOV

We live in the age where legislation does not keep up with technical progress. The Safe Harbor invalidation is a perfect example of how both the executive and the legislative branch  are behind digital reality and what the jurisdicative branch sees as not acceptable encroachment on citizen's privacy. Ironically the next revision is likely not review proof either - creating more uncertainty. 
 
Enterprises who are not compliant after the invalidation of Safe Harbor need to weigh their options. What is the business risk of non compliance vs. the cost of coming to compliance. For vendors there can be no real option than compliance, as they are responsible for their customer's operational compliance. If your vendor is not compliant with pre Safe Harbor state, enterprise executives should start the conversation with them asap. In case an enterprise stores EU consumer, customer data in the US today, time to explore the remediation, a solution - as much desired - is, unfortunately more out with this currently proposed framework.  


------------

I covered the EU High Court decision in October 2015 here - take a look for more background. Also follow up the view of my colleague Steve Lockstep who is on deserved vacation this week here

 
More Musings Posts
  • Musings – Time to re-invent email – for real! - Read here
  • The Dilemma with Cloud Infrrastrcture updates - read here
  • Are we witnessing the Rise of the Enterprise Cloud? Read here
  • What are true Analytics - a Manifesto. Read here
  • Is TransBoarding the Future of Talent Management? Read here
  • How Technology Innovation fuels Recruiting and disrupts the Laggards - read here
 
Find more coverage on the Constellation Research website here and checkout my magazine on Flipboard and my YouTube channel here.