유럽사법재판소의 Safe Harbor 무효판결의 의미 - 국외전송정보의 보호를 위한 정보보호위원회의 조사권과 개인정보침해에 대한 구제방법 -

Safe Harbor Framework was declared to be invalid by the Judgement of Court of Justice of European Union. The Judgement of the Court came from the complaints of Max. Schrems and the finding of Snowden’s revelation on the access of NSA to servers of organizations in U.S. Max. Schrems who was a student of Law School in Austria brought this revelation into the Judge of history. The Judgement answered the questions referred by the Irish High Court as follows: Article 28 of Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and Articles 7 and 8 of the Charter of Fundamental Rights of the European Union empowered a national supervisory authority to investigate a complaint alleging an inadequate level of protection of the personal data transferred and to suspend the transfer of that data. Article 25(6) of Directive 95/46/EC requires of condition that a third country ensures an adquate level of protection, within the meaning of Safe Harbor Principles and Q&As and enforcement. European Commission made a Commission Decision 2000/520/EC of 26 July 2000 pursuant to that Directive, which gave a birth of Safe Harbor Framework. However, in the fourth paragraph of Annex I to that decision, titled derogation, open the door to the United States authorities’ use of personal data of EU citizen. And their misuse of derogation was contrary to Articles 7, 8 and 52(1) of the Charter since it does not pursue an objective of general interest defined with sufficient precision and the proportionality of the interference. Therefore that Decision 2000/520, and provided by the safe Harbor privacy principles declared to be invalid.