Reuters: safe harbour not working

An agreement between the US and Europe on data protection is an ineffective compromise and has diluted stringent European rules...

An agreement between the US and Europe on data protection is an ineffective compromise and has diluted stringent European rules to maintain the security of personal data, according to Reuters' global security chief.

European rules forbid companies from transferring data to any country beyond the EU that has inferior data protection policies, including the US. In response to concerns that these rules might stifle trade with the US, which does not have as stringent data protection safeguards, the EU devised the "safe harbour" code. If a company signs up to follow the code, it can freely transfer data.

But speaking at the E-Business Regulatory Alliance Conference last week, Mark Lomas, global security chief at news and information firm Reuters, said his company collected and processed data worldwide to EU data protection standards and not the transatlantic safe harbour rule.

"We collect data in New York, the Far East and the UK but process it as if in the UK," he said. "Safe harbour is a compromise and is not working as claimed. US organisations can say they believe they comply with the principles of European data protection regulation then sign a declaration."

"Reuters does not use the safe harbour rule. We have explicit control," he said.

Lomas's concerns follow the news earlier this month that European data protection ombudsman Jacob Soderman had written to European Commission president Romano Prodi, expressing fears that data protection rules were being misinterpreted.



Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:




  • Dissecting the Hack

    In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian...

  • Digital Identity Management

    In this excerpt of Digital Identity Management, authors Maryline Laurent and Samia Bousefrane discuss principles of biometrics ...

  • Becoming a Global Chief Security Executive Officer

    In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, ...