Online Data Protection: Consumer Protection or Fundamental Right?

On October 6, 2015, Europe’s highest court, The European Court of Justice (ECJ), ruled that the long-standing international agreement called “Safe Harbor” was immediately invalid.  Safe Harbor allowed companies to transfer the digital data of individuals between the U.S. and the E.U., as long as there was an “adequate” level of privacy protection.
The European Commission’s July 2000 decision to implement Safe Harbor was an attempt to regulate the E.U. and U.S.’s approach to privacy because the European Commission believed that an adequate level of protection lacked through domestic law or international commitments.  This level of protection gap stems from the different approaches the U.S. and E.U. have about online data security where the U.S. privacy is viewed as a consumer protection issue, but in Europe, privacy is viewed as a fundamental right, similar to rights granted in the U.S. Constitution.
Now with the ECJ’s ruling, the EU may make their own determinations as to how companies will collect and use information gathered on its citizens, which removes the uniformity among the EU nations with regard to data privacy.  Moreover, because there are thousands of U.S. companies, which are certified under Safe Harbor, there is a concern that without the means to transfer data from Europe to the U.S., trans-Atlantic trade will suffer.
The ECJ’s ruling suggests that there was not a problem with the Safe Harbor concept, but rather the lack of procedural safeguards in the Safe Harbor.  Therefore, until modifications to the Safe Harbor occur that may adequately protect the fundamental rights of the E.U. citizens whose data is being transferred to the U.S. and the U.S. passes legislation that restricts the power of the government to access personal data, there can no longer be transfers of data from the EU to the U.S.  
Best regards
und viele Grüße aus Charlotte
Reinhard von Hennigs