The European Commission’s Directive on Data Protection went into effect in October of 1998, and would prohibit the transfer of personal data to non-European Union nations that do not meet the European “adequacy” standard for privacy protection. While the United States and the European Union share the goal of enhancing privacy protection for their citizens, the United States takes a different approach to privacy from that taken by the European Union.
In order to bridge these different privacy approaches and provide a streamlined means for U.S. organizations to comply with the Directive, the U.S. Department of Commerce in consultation with the European Commission developed a "Safe Harbor" framework and Export.gov/Safe Harbor website to provide the information an organization should need to evaluate – and then join – the Safe Harbor.
The Safe Harbor Workbook is designed to aid U.S. businesses assess their privacy policies and practices with respect to complying with the Safe Harbor privacy framework. Because implementation of the Safe Harbor will require you to consider your organization’s specific needs, practices, and objectives, this guide does not constitute legal advice and is not intended to substitute for the services of legal counsel or other qualified professionals. The information in this publication is provided on an "as is" basis, and no warranty of the suitability of the advice offered for your organization is made by this publication.