• Americas

      Count on quality and consistent customer services across more than 290 data centers in North and South America.

    • EMEA

      Harness cloud and carrier-neutral data center, colocation, and interconnection solutions across Europe and Africa.

    • Customer Stories

      • XTREME-D

        Find out how XTREME-D was able to meet its objectives and has positioned itself for further growth by partnering with Digital Realty and leveraging PlatformDIGITAL®.

        Keep Reading
      • Telefónica UK

        See how they leveraged PlatformDIGITAL™ Data Hub to localise data aggregation, staging, analytics, streaming and data management to optimise data exchange and maintain data compliance.

        Keep Reading
      • Criteo

        By partnering with a company like Digital Realty, Criteo has somebody who can work with them to ensure they move a long way towards their sustainability goals

        Keep Reading
      • Join Digital

        With increasing demand for a turnkey experience, Join™ helps their customers brings the built and digital worlds together with the essential Network-as-a-Service and IT-as-a-Service offerings for Smart Buildings and Smart Workplaces.

        Keep Reading
      • AIB

        AIB, Inc., a leading data exchange and management firm serving over 1600 automotive customers, sought to diversify their cloud portfolio to realize reduced latency, increased availability, and harden security posture.

        Keep Reading
    • Data Gravity Insights Hub

      Click to learn more

    • Investor Relations

      Digital Realty owns, acquires, develops and operates data centers. The company is focused on providing data center, colocation and interconnection solutions for domestic and international customers.

    • NYSE: DLR


      -0.94 (-0.60%)
      * Previous Day's Close
    • Investor Relations
    • Leadership
— Blog

What the EU Safe Harbour court ruling could mean for your business

October 23, 2015

By: Robert Bath, VP Global Solutions and Tom Kingham, Director Sales Engineering, EMEA

On October 6, the European Court of Justice ruled that Decision 2000/520 of the European Commission, which stated that Safe Harbour-certified US companies provide adequate protection for personal data transferred to them from the EU (the Safe Harbour Adequacy Decision), is invalid. The judgment is immediately effective without a grace period. The Court of Justice ruling in October declared invalid the Safe Harbour framework that had been in place between the European Union and the United States since 2000. The framework gave companies the ability to move personal data of European data subjects to the US, even though U.S. laws were not deemed “adequate as a general matter”. To participate in the framework, U.S. data importers were obliged to self-certify to a series of principles designed to ensure personal privacy was protected. In response, the EU Commission and US negotiators are attempting to reach agreement on a new version of Safe Harbour – dubbed “Safe Harbour 2.0” before the end of January 2016, when the Data Protection Authorities (as the Article 29 Working Group) has stated that enforcement against companies for relying on the (now invalid) old framework will begin.

So, what does this invalidation mean for the more than 4,000 companies which had previously relied upon Safe Harbour to justify U.S. based service providers or affiliates accessing EU personal data? Each now needs to carefully review its data processing strategies and identify whether contractual or operational changes are required to maintain compliance, especially in light of the risk that Safe Harbour 2.0 is not timely adopted or itself is invalidated.

One potential avenue for companies to avoid relying on the Safe Harbour framework is to open data centres in the EU for storage of the data of EU citizens. Such data-localisation activity, driven partially by longstanding Safe Harbour concerns, has already started. For example, US-based NetSuite has announced plans to open a new outsourced data centre in Dublin, while Google is expanding its facility in Belgium and building another data centre in The Netherlands.

However, building your own data centre is not an appropriate strategy for all organisations who wish to establish an EU presence. The cost of establishing, maintaining, and supporting connectivity to a dedicated private data centre is simply out of the reach of many firms. An alternative for those firms is to leverage a local data centre service provider who can connect them to the cloud and to other data centres in an agile fashion.

Digital Realty is positioned to help customers who wish to establish a presence in an EU-located data centre while achieving their cloud and colocation needs through a hybrid architecture. The combination of our robust European platform, colocation offering, and direct connexions to cloud providers (offering in-region capacity) allows us to help firms of all sizes adopt the right solution.

Taking a hybrid approach to the challenge can deliver additional benefits. By selecting the right partner with a strong European presence, organisations will be able to become part of an ecosystem that provides capacity and connectivity wherever it’s required. We call it the ‘elastic hybrid cloud’.

Broader opportunities for the region?

Rather than being merely an onerous drag on companies, concerns about EU data requirements could well provide a shot in the arm for digital investment. The region already has a leading data centre and network infrastructure. Further investment in this vital capacity as demand continues to increase could spark innovation among governments and local IT firms and will also ensure firms have access to the capacity and flexibility they require for future growth.

Digital Realty is poised to help companies and cloud firms continue to grow, in spite of any uncertainty arising from this Court of Justice ruling, and assist with laying the groundwork for the realisation of the ‘elastic hybrid cloud’ in Europe and beyond.

We will continue to work with our clients as they adapt to the changing regulatory landscape while at the same time positioning them to take full advantage of future opportunities.