The EU-U.S. Safe Harbor Decision: Implications for the Asset Management Industry

November 11, 2015

In our recent OnPoint, we reported that the Court of Justice of the European Union (CJEU) declared that the “Safe Harbor,” upon which many companies in the EU and U.S. relied to share data both within and outside of their organizations, was invalid under EU law.

The Schrems v. Data Protection Commissioner of Ireland decision creates significant repercussions for EU to U.S. data flows across all sectors. Although much of the press commentary has related to the large technology firms that sell into Europe, it should not be overlooked that the broad ruling may impact businesses in the asset management industry. Specifically the ruling impacts:

  • Asset managers based in Europe that transfer “personal data” to U.S. affiliates or service providers;
  • U.S. asset managers that have EU affiliates acting as sales agents, who may transmit personal data back to the United States; and
  • Funds established outside of Europe that use European service providers (e.g., fund administrators).

European data protection laws apply to a wide category of “personal data,” which will capture much investor data.

This OnPoint provides background to the recent developments regarding the Safe Harbor’s effectiveness as a conduit for data transfers. It considers how these recent developments could affect the financial services industry, and offers six important considerations for an assessment of whether further action is necessary to comply with the changing landscape of EU data privacy regulation.

Read "The EU-U.S. Safe Harbor Decision: Implications for the Asset Management Industry."