Safe Harbor Agreement

The European Commission's Directive on Data Protection went into effect in October, 1998, and would prohibit the transfer of personal data to non-European Union nations that do not meet the European "adequacy" standard for privacy protection.

In order to bridge the different privacy approaches and provide a streamlined means for U.S. organizations to comply with the Directive, the U.S. Department of Commerce in consultation with the European Commission developed a "safe harbor" framework. The Safe Harbor, approved by the EU in 2000, is a way for U.S. companies to avoid experiencing interruptions in their business dealings with the EU or facing prosecution by European authorities under European privacy laws that are much stricter than in the U.S.

To qualify for the Safe Harbor, an organization can either join a self-regulatory privacy program or develop its own self regulatory privacy policy. It's that easy!

Related Matter


U.S. Trends

Canada and Outside the U.S.:
Canada Challenges Patriot Act
Canadian DNA Database
Safe Harbor Agreement
US-VISIT Program