Europe’s Top Court Strikes Down ‘Safe Harbor’ Data-Transfer Agreement With U.S. | TechCrunch
Does Marketo have a response to this as they are the data processors here? Actually our Legal team is already asking. So tough for us marketers to operate efficiently in a global environment!
Solved! Go to Solution.
Like you, Marketo takes privacy seriously. We treat the data that you collect and use on our platform with the utmost sensitivity and employ strict policies and appropriate protections to help ensure the privacy of that information.
Marketo is responding to the recent invalidation of the Safe Harbor Program by developing an addendum to our services agreement that will incorporate the standard contractual clauses, which is an alternative mechanism for transferring personal data outside the EU in compliance with EU data protection law.
More information on the availability of the addendum will be available soon. Check here for updates Update from Marketo on the EU-US Safe Harbor Framework
You beat me to the question, Dan! We had a meeting today in which we touched on the decision. Our Compliance and Legal are looking into it but there certainly is no good news upfront.
This is an excellent question. From what I understand, it may impact US companies with EU subisdiaries even more than EU companies, since for the later, Marketo provides EU based data centers.
The only good news is that other vendors will be in the same difficult situation.
@Sanford, What about doing the reverse and ask to have all your data hosted in the EU?
For us, such a drastic move would seem beyond consideration. Performance of hosted services is already shoddy enough over international links. And if you turn to a CDN, you are (arguably) allowing PII to be "data at rest" on US shores, reopening the same problem.
And internal databases with international PII are also affected. Moving on-premises databases -- perhaps kept on-premises specifically for security reasons! -- fully to cloud environments in order to have data reside within the EU is a monster of a task. And local caching, or simply a locally saved report, seems like it might violate the new rules.
But nobody knows for sure what'll happen. I'm sure all loopholes will be explored. Maybe it's all RDP from now on!
What does RDP stand for ?
Remote Desktop Protocol
I would not be surprised that this is decision from the EU Court of Justice is just the beginning of a negotiation and that at the end, they will find an agreement.
But if not, if you look into it, this probably means that vendors, Marketo included, will be asked to provide architecture where data could be split and the admin could decide to host various data sets in various places.
2 possible ways :
In any case, not an easy task...
I hope you're right that there will be some adjustments made.
As for your second bullet, though, "easily share info between them" is exactly the problem. The partitioning needs to be true, rather than merely window-dressing.
At least this what the press is saying here. They think the status quo is impossible.
Another important point is that the EUCJ has not stated any grace period for large internet companies to comply, but the Court decision does not apply as is. Every country has to implement this decision locally, which may take a few weeks, be relayed through local courts, etc...
The whole thing started with the lawsuit of an Austrian lawyer in Ireland 🙂