An EU Court Just Sank The U.S. Digital Privacy Safe Harbor: Must Congress Pass An Internet Privacy Law Now?

Date: Friday, October 13


  • Damien Levie, Head of Trade Section, Delegation of the European Union to the United States (Bio)
  • Mary Ellen Callahan, Partner, Jenner & Block, Moderator (Bio)
  • Adam Schlosser, Director, Center for Global Regulatory Cooperation International, U.S. Chamber of Commerce (Bio)
  • Abigail Slater, VP, Legal and Regulatory Policy at the Internet Association (Bio)
  • Amie Stepanovich, U.S. Policy Manager, Access (Bio)


On Tuesday the European Court of Justice (ECJ) declared the US EU Safe Harbor digital privacy agreement invalid as part of a suit against Facebook. The implications of this decision are massive for U.S. Internet companies. The ECJ decision torpedoed the 15 year-old Safe Harbor agreement between the U.S. Department of Commerce and the European Union. Since the U.S. does not have a digital privacy law that the EU recognizes as “adequate” the Safe Harbor agreement served as a stop gap to assure that personal information of EU citizens could flow to U.S. Internet companies. Close to 5,000 U.S. companies rely on the Safe Harbor to operate internationally, including Google, Facebook, and Amazon. The European court justified the scuttling of the Safe Harbor in large part by noting that NSA surveillance was unstoppable and renders the Safe Harbor an inadequate protection for Europeans’ personal information.

Our panel will explore the EU court’s decision and whether Congress will have to pass a digital privacy law immediately before international data flows dry up. Our panel will also look at other options for U.S. companies in lieu of congressional legislation.