[AusNOG] Fwd: Google Cloud Platform and the decision on Safe Harbor by the Court of Justice of the European Union

Serge Burjak sburjak at systech.com.au
Thu Oct 15 19:47:01 EST 2015 

Got this today

*European Safe Harbor ruling update and Google Apps*

*The following communication is being sent to you as a reseller of Google
Apps.*

Dear Partner,

On October 6, 2015, Europe’s highest court declared
<http://curia.europa.eu/jcms/upload/docs/application/pdf/2015-10/cp150117en.pdf>
that
the decision of the European Commission regarding the US-EU Safe Harbor
framework <http://export.gov/safeharbor/>―one of the legal mechanisms that
enables the transfer of personal data from the EU to US companies―is
invalid, on the basis that Safe Harbor doesn’t provide an adequate level of
protection for personal data originating in the EU.

In light of this ruling, we are sending the following email to Google Apps
customers who may be impacted:

Hello Apps Administrators,

*Please note that the update below is relevant only if you process personal
data and European Data Protection laws apply to that processing. This will
often be the case if your business is based in the European Union. If you
are unsure whether this applies to you, we suggest you seek advice from
legal counsel.*

On October 6, 2015, Europe’s highest court declared
<http://curia.europa.eu/jcms/upload/docs/application/pdf/2015-10/cp150117en.pdf>
that
the decision of the European Commission regarding the US-EU Safe Harbor
framework <http://export.gov/safeharbor/>―one of the legal mechanisms that
enables the transfer of personal data from the EU to US companies―is
invalid, on the basis that Safe Harbor doesn’t provide an adequate level of
protection for personal data originating in the EU.

Through 2015, the European Commission and the US have been negotiating a
revised Safe Harbor agreement that should address these concerns, but they
were not able to finalize the agreement before the court issued its ruling.
Both the Commission and the US have committed to finalizing the revised
agreement as soon as possible.

In the meantime, we’d like to reassure you that we offer a compliance
alternative to the Safe Harbor framework and have done so since 2012.
Specifically, we offer
<http://googleforwork.blogspot.com/2012/06/google-apps-to-offer-additional.html>
 a data processing amendment
<https://www.google.com/work/apps/terms/dpa_terms.html> and model contract
clauses <https://www.google.com/work/apps/terms/mcc_terms.html> as an
additional means―beyond the Safe Harbor framework―of meeting the adequacy
and security requirements of the EU Data Protection Directive
<http://europa.eu/legislation_summaries/information_society/data_protection/l14012_en.htm>.
Model contract clauses were created specifically by the European Commission
to permit the transfer of personal data from Europe.

Many Google Apps customers have already adopted the data processing
amendment and model contract clauses. If you have not already done so, we’d
like to remind our Google Apps customers to consider opting-in to the
data-processing amendment and model contract clauses. Instructions are
available in the Help Center
<http://support.google.com/a/bin/answer.py?hl=en&answer=2888485>.

We are committed to helping our customers address their regulatory
compliance needs in this area. If you have additional questions, please
contact your Google representative orGoogle Apps Technical Support
<https://connect.googleforwork.com/community/partners/apps/support/contact-google-support>
.

Sincerely,
The Google Apps Team

On 15 October 2015 at 18:17, Mattia Rossi <
mattia.rossi.mailinglists at gmail.com> wrote:

> This has been discussed a lot in Europe lately (as you can imagine).
>
> Thing is: Google will send out some updated T&C or similar, where you need
> to click accept in order to continue to use their service, agreeing to let
> Google store data in the US which can be inspected by the US government.
> Given that most people AND companies do actually not care about their data
> (especially the small and very small or individual businesses who make up a
> huge chunk of users) they will just click ok, and rather keep using the
> service, than look after their data. Many users won't even read this new
> T&C's as they never do, and simply accept.
>
> So in the End it's a bit of work for Google, they might lose a handful of
> customers, but overall nothing changes.
>
> That's my 2c.
>
> Question is: should you as provider (or facilitator) of those services
> explicitly tell your customers?
>
> Cheers,
>
> Mat
>
>
> Am 15.10.2015 um 06:16 schrieb Skeeve Stevens:
>
> Curious. Might be relevant to some.
>
> ...Skeeve
>
> *Skeeve Stevens - Founder & The Architect* - eintellego Networks Pty Ltd
> Email:  <skeeve at eintellegonetworks.com>skeeve at eintellegonetworks.com ;
> Web: eintellegonetworks.com
>
> Cell +61 (0)414 753 383 ; Skype: skeeve ; LinkedIn: /in/skeeve
> <http://linkedin.com/in/skeeve> ; Expert360: Profile
> <https://expert360.com/profile/d54a9> ; Keybase: https://keybase.io/skeeve
>
> ---------- Forwarded message ----------
> From: Google Cloud Platform <CloudPlatform-noreply at google.com>
> Date: Thu, Oct 15, 2015 at 12:11 PM
> Subject: Google Cloud Platform and the decision on Safe Harbor by the
> Court of Justice of the European Union
>
>
>
> *Please note this email is relevant to you only if you are using Google
> Cloud Platform to process personal data and European Data Protection laws
> apply to that processing.*
>
> Hello Google Cloud Platform Customer,
>
> The recent ruling by the Court of Justice of the European Union (CJEU)
> declaring the European Commission’s decision on US-EU Safe Harbor framework
> to be invalid is an important development in the area of data protection.
>  You can expect our full support as we work together to address this
> development, as there is nothing more important to us than your trust,
> privacy and security. We are awaiting more information from the European
> Commission (EC) and data protection authorities regarding their responses to the
> court decision.
>
> The European Commission and the US have been actively working on a revised
> Safe Harbor agreement that should address these concerns, but they were
> unable to finalize the new agreement prior to the court ruling. Both have
> indicated that they want to finalize the new Safe Harbor framework as soon
> as possible. Additionally, we have been actively working on adopting Model
> Contract Clauses (MCCs) for the transfer of personal data from the EU to
> the US.  We already have MCCs as an option for Google Apps for Work
> customers, and in light of the ruling, we are accelerating our MCC efforts
> for Google Cloud Platform.
>
> We will update you in the coming weeks on further developments in this
> area. We appreciate you placing your trust in us.
>
> The Google Cloud Platform team
>
> © 2015 Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043
> You have received this mandatory email service announcement to update you
> about important changes to Google Cloud Platform or your account.
>
>
>
> _______________________________________________
> AusNOG mailing listAusNOG at lists.ausnog.nethttp://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20151015/947f61ea/attachment.html>

More information about the AusNOG mailing list