In fact, the Safe Harbor framework does not provide appropriate data protection according to EU standards. Any organization can declare to adhere to it without any certification by a neutral third party. How should an EU citizen or small company be able to enforce their rights in US courts? Does the FTC take complaints of data protection violations in other languages then English - if it accepts complaints at all? What about all the non English speaking EU citizens? What is the value of the Safe Harbor framework if a self-declared participant such as Facebook blatantly ignores EU data protection standards on an ongoing basis?
Does this apply also to Google Apps Engine?Meaning can ISVs hosting their apps on GAE claim their data is also safe-Harbor protected?
You are welcome to comment here, but your remarks should be relevant to the conversation. To keep the exchanges focused and engaging, we reserve the right to remove off-topic comments, or self-promoting URLs and vacuous messages