The EU has ruled in October 2015 that the US ‘Safe Harbour Agreement' (regarding transfer of electronic personal data such as email address) is invalid and no longer recognised.
If you are currently using email marketing as a part of your marketing strategy. The chances are that you have a database on the cloud of your subscriber’s email addresses and possibly other associated information such as their name, company and contact details.
All UK and EU based companies are obliged to meet certain standards in terms of how this data is collected, stored, transferred and used. These standards are outlined by The Data Protection Act 1998 and The EU’s Data Protection Directive.
The EU’s has stated the following guidance:
"The Data Protection Directive1 provides that the transfer of personal data to a third country may, in principle, take place only if that third country ensures an adequate level of protection of the data. The directive also provides that the Commission may find that a third country ensures an adequate level of protection by reason of its domestic law or its international commitments. Finally, the directive provides that each Member State is to designate one or more public authorities responsible for monitoring the application within its territory of the national provisions adopted on the basis of the directive (‘national supervisory authorities’). "
Court of Justice of The European UnionPress Release No.117/15 Oct 15
In the US, “The Safe Harbour Agreement” was created - to ensure that these standards are met. The Safe Harbour is the name of an agreement between the United States Department of Commerce and the European Union that regulated the way that US companies could store and process the personal data of European citizens.
It used to be the case that these standards were covered by The Safe Harbour Agreement, when dealing with US based companies who stored your data. For quite a while the EU have voiced concerns that US based companies were not adhering to UK and EU law.
In October the EU declared the framework of The Safe Harbour Agreement invalid and no longer recognised it as US companies were not abiding by it.
Read the full Court of Justice of The European Union Press Release
Now that the EU have declared the Safe Harbour Agreement invalid, US companies wishing to deal with EU/UK based companies can no longer rely on “self certification’ (confirming that they comply with The Safe Harbour Agreement). They must now create “Model Contract Clauses” - every US based company wishing to continue storing EU/UK data must create their own agreement with the EU
The big boys such as Google, Facebook, Apple & Microsoft are already doing this, but these bespoke agreements may not be a viable route for US companies that don’t have the resources to get involved with protracted negotiations with the EU law makers.
The first thing to do is to check that your current supplier are storing your data in the UK, your UK based supplier may be using US based servers without you knowing. If your data lives outside of the UK then it’s time to consider a move.
Currently, the US are unwilling to agree to anything imposes any restrictions their governments access to EU citizen’s data, stored by American companies. The US has also refused to allow EU citizens permission to sue US based companies that misuse their data.
These negotiations have already been going on for 2 years. Last year Edward Snowden had revealed how the US government had accessed EU data. The NSA had routinely accessed US servers containing EU citizen’s data.
Relating to everything we’ve outlined above, here at email blaster we are proud to be 100% located here in the UK.
We don’t outsource anything, we are an entirely UK based email marketing service provider. Everything we do we are passionate about and we really don’t like sharing our toys with the other kids. To design and create the best software and support out there, we simply didn’t want to involve anyone else.
When you talk to us, you’ll be talking to people that designed and created email blaster. We think that makes us different.