In the European Union, data privacy is a fundamental right. Think life, liberty and the sanctity of your Gmail inbox. The EU’s data privacy laws are therefore more stringent than similar laws in the United States. From 1995, when the EU’s laws came into effect, until 2000, this was a big problem for US companies doing business internationally. Compliance with stricter data privacy laws is expensive, logistically difficult, and – well – really, really expensive.
On July 26, 2000, everything changed. The European Commission adopted the “Safe Harbor Adequacy Decision.” This allowed US companies to opt-in a self-certify that they complied with a stipulated set of US/EU data privacy standards.
On October 6, 2015, everything changed. Again.