Six months ago, Box seemed in no rush to open EU data centers. That sentiment changed this week following a court ruling that invalidates the 15-year-old Safe Harbor agreement.

The EU has much stricter data protection laws than the U.S, and Safe Harbor was designed to protect EU citizens’ data being processed in the U.S. Theoretically, Safe Harbor meant U.S companies were expected to treat data moved outside of EU with the same privacy protections as data within it. Now, the European Court of Justice (ECJ) has struck down the agreement, in part due to fears of U.S surveillance.

It’s left much of the technology industry scrambling to understand the impact, and Box has now stated it is working towards allowing its customers to choose where to store their data.

Aaron Levie, Box’s co-founder and chief executive, told The Telegraph: “In a year from now I would absolutely expect we will have customers storing their data internationally. We’re building towards it now.”

Fortunately Huddle customers don’t need to wait a year. We maintain data centers in the UK and within Europe (as well as a totally separate instance within the U.S).

In fact, data residency is one of the most important concerns our clients have, especially those in government and the public sector, but increasingly in highly regulated industries such as accounting, consulting and banking as well. Huddle’s own findings (from a 2015 survey of 4,000 government and public sector employees) found that (despite Safe Harbor), maintaining UK data residency was important to 66% of government IT professionals.

Of course, the ECJ’s ruling doesn’t order an immediate end to EU-U.S. data transfers, it simply gives EU regulators the right to investigate and suspend them if they don’t feel the company provides sufficient protections. Further, prior to the ECJ ruling, the U.S. and EU had already begun 2 years of negotiations to update the Safe Harbor agreement.  We currently await the new EU Privacy Regulation in 2016 which will no doubt now reflect the recent findings of ECJ. This new regulation will supersede Directive 95/46/EC, which was passed in 1995 at a time prior to the ‘mass globalization of data’ and the inception of the large tech giants such as Facebook. The new regulation will ensure that all 28 EU member states have commonality in law to the handling of personal data, something that is likely to have a profound effect on tech companies storing data in the U.S.

In the meantime, U.K. and EU organizations face a challenge as they look to benefit from cloud collaboration. At Huddle, we understand that you want to maintain control over the location of your data, and we understand and that you’ll need to conduct a risk assessment as to the adequate level of protection needed for your data. That’s why (unlike many commercially available tools), Huddle has its own ISO27001:2013 certificate and do not rely, as many other providers do, on the data centers. Huddle understands the important role we play in ensuring the confidentiality, integrity and availability of your data.   

Alastair Mitchell

Co-founder

How does the public sector feel about data security?

SEE THE RESEARCH

Is data residency important to your organization?

START FREE TRIAL


Request a Demo
trillatron

© 2006 - 2019. All Rights Reserved.