<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Ineresting point which I didn't think of (if I understand this
correctly): <br>
<br>
The issue is actually that you as a business could store data with
personal information about others. So if that data gets to the US,
that business is liable.<br>
<br>
So to relate this to AusNOG: If you as an ISP store data of European
customers in the cloud or in the US (Let's say, expats, immigrants
etc. like I was), you might actually risk being sued by that
customer....<br>
<br>
Something to think about I guess.<br>
<br>
Cheers,<br>
<br>
Mat<br>
<br>
<div class="moz-cite-prefix">Am 15.10.2015 um 10:47 schrieb Serge
Burjak:<br>
</div>
<blockquote
cite="mid:CADtgiZCqs5fZfZ1zhxXRmLoQYWcJge7hy-JsMp1zK7tNZZMzcA@mail.gmail.com"
type="cite">
<div class="gmail_default" style="font-family:tahoma,sans-serif">
<p style="font-family:arial,sans-serif;font-size:18px"><strong>European
Safe Harbor ruling update and Google Apps</strong></p>
<p style="font-family:arial,sans-serif;font-size:12.8px"><em>The
following communication is being sent to you as a reseller
of Google Apps.</em></p>
<p style="font-family:arial,sans-serif;font-size:12.8px">Dear
Partner,</p>
<p style="font-family:arial,sans-serif;font-size:12.8px">On
October 6, 2015, Europe’s highest court <a
moz-do-not-send="true"
href="http://curia.europa.eu/jcms/upload/docs/application/pdf/2015-10/cp150117en.pdf"
target="_blank">declared</a> that the decision of the
European Commission regarding the <a moz-do-not-send="true"
href="http://export.gov/safeharbor/" target="_blank">US-EU
Safe Harbor framework</a>―one of the legal mechanisms that
enables the transfer of personal data from the EU to US
companies―is invalid, on the basis that Safe Harbor doesn’t
provide an adequate level of protection for personal data
originating in the EU.</p>
<p style="font-family:arial,sans-serif;font-size:12.8px">In
light of this ruling, we are sending the following email to
Google Apps customers who may be impacted:</p>
<blockquote
style="font-family:arial,sans-serif;font-size:12.8px">
<p>Hello Apps Administrators,</p>
<p><em>Please note that the update below is relevant only if
you process personal data and European Data Protection
laws apply to that processing. This will often be the case
if your business is based in the European Union. If you
are unsure whether this applies to you, we suggest you
seek advice from legal counsel.</em></p>
<p>On October 6, 2015, Europe’s highest court <a
moz-do-not-send="true"
href="http://curia.europa.eu/jcms/upload/docs/application/pdf/2015-10/cp150117en.pdf"
target="_blank">declared</a> that the decision of the
European Commission regarding the <a moz-do-not-send="true"
href="http://export.gov/safeharbor/" target="_blank">US-EU
Safe Harbor framework</a>―one of the legal mechanisms that
enables the transfer of personal data from the EU to US
companies―is invalid, on the basis that Safe Harbor doesn’t
provide an adequate level of protection for personal data
originating in the EU.</p>
<p>Through 2015, the European Commission and the US have been
negotiating a revised Safe Harbor agreement that should
address these concerns, but they were not able to finalize
the agreement before the court issued its ruling. Both the
Commission and the US have committed to finalizing the
revised agreement as soon as possible.</p>
<p>In the meantime, we’d like to reassure you that we offer a
compliance alternative to the Safe Harbor framework and have
done so since 2012. Specifically, we <a
moz-do-not-send="true"
href="http://googleforwork.blogspot.com/2012/06/google-apps-to-offer-additional.html"
target="_blank">offer</a> a <a moz-do-not-send="true"
href="https://www.google.com/work/apps/terms/dpa_terms.html"
target="_blank">data processing amendment</a> and <a
moz-do-not-send="true"
href="https://www.google.com/work/apps/terms/mcc_terms.html"
target="_blank">model contract clauses</a> as an
additional means―beyond the Safe Harbor framework―of meeting
the adequacy and security requirements of the EU <a
moz-do-not-send="true"
href="http://europa.eu/legislation_summaries/information_society/data_protection/l14012_en.htm"
target="_blank">Data Protection Directive</a>. Model
contract clauses were created specifically by the European
Commission to permit the transfer of personal data from
Europe.</p>
<p>Many Google Apps customers have already adopted the data
processing amendment and model contract clauses. If you have
not already done so, we’d like to remind our Google Apps
customers to consider opting-in to the data-processing
amendment and model contract clauses. Instructions are
available in the <a moz-do-not-send="true"
href="http://support.google.com/a/bin/answer.py?hl=en&answer=2888485"
target="_blank">Help Center</a>.</p>
</blockquote>
<p style="font-family:arial,sans-serif;font-size:12.8px">We are
committed to helping our customers address their regulatory
compliance needs in this area. If you have additional
questions, please contact your Google representative or<a
moz-do-not-send="true"
href="https://connect.googleforwork.com/community/partners/apps/support/contact-google-support"
target="_blank">Google Apps Technical Support</a>.</p>
<p style="font-family:arial,sans-serif;font-size:12.8px">Sincerely,<br>
The Google Apps Team</p>
</div>
</blockquote>
<br>
</body>
</html>