• Français
  • English

Safe Harbor: May All Parties Assume Their Responsibilities! [by Olivier Iteanu, Cloud Confidence]


 On 6 October 2015, the Court of Justice of the European Union ruled Safe Harbor invalid. Safe Harbor is a programme designed in the late 90s by the United States government in negotiations with the European Commission to authorise American companies that join the programme to lawfully receive European personal data.

In its press release of 7 October 2015, the French National Commission on Information Technology and Civil Liberties (CNIL) noted this decision and naturally reminded that it is equivalent to a ban on the export of all data to the United States of America, except after obtaining express authorisation from the national data protection authorities, such as the CNIL.

The Cloud Confidence association believes that, in this new context, it is once again up to all individual parties, especially those responsible for European personal data processing, to assume responsibility for ensuring that their own cloud providers invariably respect European regulations on the matter.

For this reason, Cloud Confidence, founded in late 2014, has established a clear frame of reference that combines technical and legal commitments incumbent upon cloud providers that ensure, among other things, respect for European regulations on personal data, verified by an independent third-party certifier and an annual surveillance audit.

The Cloud Confidence association now calls upon the competent authorities to set out, as quickly as possible, a new legal framework between Europe and the United States that allows data to be exchanged as required for international trade. This new regulatory framework must be established in transparency, and the constraints that derive from it must be identical for European and American companies so that these companies may engage in fair competition.


About Cloud Confidence:

Cloud Confidence is a French law association whose objective is to build trust in cloud computing. To this end, the association is organised around three groups: providers, users/clients and ecosystem. Cloud providers, members of Cloud Confidence, commit to obtaining a certification based on a frame of reference designed and drafted by the association’s three groups. This certification is verified by an independent third party and audited annually. CEIS President Olivier Darrason is the association’s Chairperson; Olivier Iteanu, a lawyer, is its Vice-Chairperson; Jacques Sebag, Managing Director at DenyAll, is its Treasurer; Christophe Boitiaux, Marketing Director at Waycom, is its Deputy Treasurer; and Carole Maréchal, Head of Legal Affairs at Telehouse Europe, is its Secretary-General. The other members of the Board of Directors are Adsia, Aspaway, Edisia, EasyVista, Eptica, Oodrive, OpenTrust and Orange Business Services.