Companies, digital transformation and information privacy

The next steps

Published September 2016

The Internet and sovereign privacy laws have been on a collision course for some time now, with growing tensions arising in all jurisdictions. The lack of trust burst into view in October 2015, with the European Court of Justice’s rejection of the Safe Harbour agreement, a set of guidelines that had previously been understood as providing sufficient security for European citizens’ private data to be held in or used by companies in the United States. The ruling about Safe Harbour’s inadequacy and questions about the proposed replacement agreement, Privacy Shield, which had been hammered out by EU and US negotiators, have created a legal limbo and have left companies that do business in the EU uncertain about how to proceed.

Online privacy is not just a subject of transatlantic debate. Concern about these issues is gathering steam around the world, including in Africa, the Middle East and Asia. What happens between Europe and the US, however, will shape the global data-sovereignty debate for years to come—both because of the prominence of the companies headquartered in both places and because the EU is the highest common denominator when it comes to privacy issues.