CSPs, IT management, MSP, Networking

Safe Harbor Ruling’s Channel Impact


At first glance, a European ruling involving the "Safe Harbor" of data mainly impacts big technology companies and massive cloud services providers (CSPs). But take a closer look, and you'll find the ruling potentially impacts businesses of all sizes -- including channel partners.

First, the big picture... What exactly is Safe Harbor and what does its demise mean to big technology and data-intensive companies? Bloomberg offered this perspective:

"U.S. Internet companies may lose billions of dollars and spy agencies may be stifled in thwarting terror plots after Europe’s highest court struck down a trans-Atlantic data-use agreement.

The U.S. Commerce Department will provide guidance to companies on how to proceed with data transfers in the wake of Tuesday’s ruling, which invalidates a 15-year-old agreement that allowed U.S. technology companies such as Facebook Inc. and Google Inc. to move European customers’ information to the U.S."

Storing and Moving Data: Changing Times

My reaction? On the one hand, Bloomberg is a pro-business news gathering organization. Their opening paragraph may sensationalize the situation a bit -- pressuring U.S. diplomats to find a fix. But the essence of the report is accurate: Businesses may need to spend heavily to change the way they gather, manage, store and move data (if at all) between Europe and the United States. And even if big dollars aren't at stake, business processes for managing data may need to change.

Cloud and social media giants like Amazon and Facebook are developing workarounds to address the end of Safe Harbor. And yes, the situation will impact smaller businesses, the Bloomberg report asserted:

“Small and medium-sized firms on both sides of the Atlantic will bear a disproportionate share of the burden of coping with new legal and administrative requirements and a lack of legal certainty,” said Myron Brilliant, executive vice president and head of international affairs at the U.S. Chamber of Commerce."

Still, the situation is fluid and many SMB-centric technology companies say it's too soon to pinpoint the ruling's potential implications.

"Without any concrete guidelines, it's too early to assess the full impact of this ruling," said Rob Autor, senior VP of global service delivery at Continuum, which offers remote monitoring, network operations center and business continuity services to MSPs. "We are carefully monitoring the situation. As rulemaking proceeds, we will be assessing what, if any actions may be required by Continuum or its partners to ensure compliance with European regulations."

CompTIA, an industry association serving IT professionals and channel partners, expressed concern about the ruling.

“We are disappointed in today’s decision by the CJEU and deeply concerned about the impact this will have on U.S. companies doing business in Europe, particularly small and medium-sized businesses," said Elizabeth Hyman, executive VP, public advocacy. "We will continue to encourage Congress to pass the Judicial Redress Act, and would urge the Department of Commerce to finalize negotiations with the European Commission on a new Safe Harbor as expeditiously as possible."

Safe Harbor's demise is largely blamed on the United States and the National Security Agency (NSA). European governments are worried about the NSA's ability to gather data worldwide for spying activities. Striking down Safe Harbor potentially is one way to defend European governments and businesses against the NSA activity.

ChannelE2E has reached out to additional cloud storage providers and data experts for their guidance on the EU ruling, and potential best practices for VARs, MSPs and CSPs going forward. We will update this article as guidance flows into our inbox.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.