CJEU Schrems judgment: A threat to interoperability and the open Internet

On 6 October 2015, the Court of Justice of the European Union declared the European Commission’s Decision on the EU-US safe harbour arrangement invalid. The judgment is effective immediately. As a result, Safe Harbour no longer delivers legal certainty, and data transfers relying on it are at risk and could be questioned.

Since its inception, ECIS has strived to achieve greater interoperability and more openness and has stressed the importance of the ability to freely connect and communicate through information technology as an indispensable tool for individuals, public administrations, non-governmental organisations and enterprises around the world.

ECIS expresses its great concern that the judgment puts at risk hundreds of thousands of jobs and companies, based on either side of the Atlantic, that rely on the EU-US safe harbour arrangement to transfer data from the EU to the US. The judgment creates uncertainty for users, not only larger corporations but also the very large number of small and medium sized enterprises. Switching to other transfer mechanisms will take time and incur costs for providers of Internet based commerce and services – this strikes at the heart of the Digital Single Market at the very time the EU is attempting to strengthen it and boost innovation. By declaring the relevant EC Decision invalid in such an abrupt manner, the very nature of the open and global Internet and the underlying interoperability, which we take for granted, is facing a crisis and the impact on trade, particularly all types of digital trade, could be very serious, stalling innovation and progress.

In May 2015, in its Digital Single Market Communication, the European Commission called for the need of data to flow freely across borders under unified standards in order to nurture digital growth in Europe. ECIS commended this as the right approach. Indeed, we strongly believe that restrictions on data flows could cripple Europe’s competitiveness.

We urge the European Commission, the national data protection authorities, and Article 29 Working Party to consider these risks in the guidance they plan to issue. We further stress the importance that such guidance is issued as quickly as possible as in the meantime data transfers from the EU to the US face significant risks. We welcome the EC’s announcement that it will seek to ensure consistent pan-European guidance, and call for a durable solution through its negotiations with the US on the safe harbour arrangements.