BMC’s Paul Appleby reflects on the ruling that Safe Harbour is invalid, and why secure data exchange is the lifeblood of Europe’s digital economy
This week, businesses throughout the European Union (EU), indeed across the world, awaited the European Court of Justice’s decision on the Safe Harbour ruling with bated breath. The Safe Harbour agreement, the ‘pact’ which assisted tech giants such as Facebook to send personal, customer data between the US and the EU was ruled invalid on Tuesday 6th October 2015. The fifteen year-old Safe Harbour agreement was deemed not to eliminate the requirement for local privacy watchdogs to monitor and vet data protection measures undertaken by US firms. For businesses across the EU and the USA, this week’s ruling marks a significant turning point for online privacy and the future of the digital economy as a whole. What lies ahead?
It’s a matter of accountability
The EU Data Protection Derivative pinpoints ‘accountability’ as a core element of the secure sharing, handling and transferring of critical information. Moreover, this also states that customers should have the right to hold data collectors to account for any mishandling of their personal data. However, it is often a fear of accountability and privacy dangers that more often than not, prevent European businesses from exchanging, not to mention, optimising critical data to increase revenue and improve the overall customer experience.
Secure standards for data sharing needn’t be a hindrance to innovation or to maintaining customer satisfaction in the digital age, but can actually help power business forward. Binding Corporate Rules (BCRS) for example are a comprehensive global data protection and privacy framework, which can allow organisations to transfer personal data outside of the EU in the most secure manner possible, in conjecture with local regulations and laws. Put simply, BCRs can help to drive up levels of compliance and confidence in Europe and can fundamentally help businesses with secure data exchange. At BMC, we have just received such certification. In the aftermath of Safe Harbour, businesses can and should look to secure BCR accreditation as the next logical step forward.
The future of data privacy compliance
BCR accreditation should be considered as one of the new, platinum standards for future data privacy compliance and can apply to all personal information wherever it is collected, and then used in conjunction with that businesses’ particular activity. Furthermore, such accreditation sends a clear signal to customers and partners that data management is considered seriously, and meeting EU standards at the same time.
In the months that follow the Safe Harbour ruling, there will be a level of uncertainty amongst businesses in the USA and EU as to what lies next, and what clear regulations and guidelines will facilitate the safe handling of customer data in the future. What is clear though, is that robust, global frameworks for data privacy compliance must be implemented and adopted by global businesses now, to power forward the digital economy for many years to come.
Paul Appleby is EVP worldwide sales and marketing at BMC
Are you a security pro? Try our quiz!