- Safe Harbor Home
- U.S.-EU Safe Harbor Home
- U.S.-EU Safe Harbor List
- U.S.-EU Safe Harbor Overview
- U.S.-EU Safe Harbor Documents
- U.S.-EU Safe Harbor Certification Checklist
- U.S.-EU Safe Guide to Self-Certification
- Certification Workbook
- Safe Harbor Login/Certification Form
- U.S.-EU Safe Harbor Framework Certification Mark Instructions
- Annual Reaffirmation
- News & Events
- Contact Safe Harbor
- Data Privacy Links
U.S.-EU Safe Harbor Framework Documents
The documents listed and published below constitute the "safe harbor" privacy framework that the U.S. Department of Commerce has negotiated with the European Commission.
The U.S.-EU Safe Harbor Framework is set forth in a set of 7 privacy principles, 15 frequently asked questions and answers (FAQs), the European Commission's adequacy decision, the exchange of letters between the Department and the European Commission, and letters from the Federal Trade Commission and the Department of Transportation on their enforcement powers. The U.S.-EU Safe Harbor Framework includes the final documents issued by the United States and published in the Federal Register on July 24, 2000 and September 19, 2000, and by the European Commission on July 28, 2000.
I. U.S. DOCUMENTS - July 2000
A. Cover Letter from Acting Under Secretary for International Trade Administration Robert S. LaRussa
B. U.S.-EU Safe Harbor Privacy Principles
C. Frequently Asked Questions (FAQs)
1. Sensitive Data
2. Journalistic Exceptions
3. Secondary Liability
4. Investment Banking and Audits
5. The Role of the Data Protection Authorities
6. Self-Certification
7. Verification
8. Access
9. Human Resources
10. Article 17 Contracts
11. Dispute Resolution and Enforcement
12. Choice - Timing of Opt-out
13. Travel Information
14. Pharmaceutical and Medical Products
15. Public Record and Publicly Available Information
D. Letter from the U.S. Department of Commerce to the European Commission transmitting the Safe Harbor Privacy Principles and FAQs, etc.
E. U.S.-EU Safe Harbor Enforcement Overview
F. Department of Commerce Memorandum on Damages for Breaches of Privacy, Legal Authorizations and Mergers and Takeovers in U.S. Law
G. Letter from the Federal Trade Commission concerning its jurisdiction over consumer privacy issues
H. Letter from the Department of Transportation concerning its authority in protecting the privacy of consumers with respect to information provided to airlines
II. EUROPEAN COMMISSION DOCUMENTS - July 2000
A. Letter from Commission Services transmitting the European Commission's Adequacy Finding
B. European Commission's decision C(2000) 2441 finding the safe harbor to provide adequate protections
C. Text on Non-Discrimination adopted by the Article 31 Committee on May 31, 2000
D. Text on Non-Discrimination adopted by the Article 29 Working Party on February 3, 2000
.
Standard Contractual Clauses
On January 19, 2001, the European Commission released its draft of standard contractual clauses (model contract provisions) to be used by U.S. organizations as an alternative to compliance with the EU Directive on Data Protection.
- February 16 Joint Commerce/Treasury Letter to the European Commission
- DOC Staff Comments
- March 23 Joint Treasury/Commerce Letter to the European Commission
On June 15, 2001 the European Commission approved its draft of the standard contractual clauses.
On February 5, 2010 the European Commission adopted a decision updating the standard contractual clauses.