Skip to main content

German privacy regulator fines Adobe, others over defunct data transfer pact

CSR Thoughts...

With Safe Harbor gone, and the future of the EU-US Privacy Shield in doubt, companies are finding it difficult to transfer personal data out of the EU without risk of a privacy enforcement action.  A German privacy regulator has proven that there is indeed a cause for concern, fining three international companies thousands of euros for unlawfully transferring data to the U.S.  With no concrete deal in place, “The uncertainty has left many firms in a legal limbo. Supporters warn that absent a new deal, the future of the behemoth bilateral trade relationship between the U.S. and the EU — valued at $1 trillion in 2014 — will be endangered”.  CSR continues to monitor the developments, ensuring our clients have the most up-to-date information as possible.  



The Hill

A German privacy regulator has fined three companies for using an invalidated agreement between the U.S. and the EU to transfer European citizens’ data across the Atlantic, Reuters reports.  The Hamburg Data Commissioner announced on Monday that it has fined Adobe Systems, Punica, a juice maker that is a subsidiary of PepsiCo, and Unilever, an Anglo-Dutch consumer goods group.  The fines totaled 28,000 euros ($32,000), with the largest fine, 11,000 euros ($12,500), going to Unilever.
The action is the first high-profile example to date of a European privacy regulator cracking down on companies still using the defunct agreement.