EU Ruling on Safe Harbor: Rackspace Stands Prepared

Yesterday, the European Union Court of Justice ruled the U.S.- EU Safe Harbor framework invalid.

In place since 2000, the framework offered an established data transfer compliance mechanism that enabled U.S. companies, including Rackspace, to export and handle personal data from the EU. More than 4,000 U.S. companies used this framework.

Rackspace has been anticipating and preparing for such a ruling for some time, and, thanks to additional safeguards already in place, the change should not significantly impact Rackspace.

Data transfers across the Atlantic are continually under discussion and Rackspace has been advocating for ways to improve the existing legal framework for international data transfers for a number of years now.

Rackspace does not solely rely on its Safe Harbor certification and has alternative mechanisms in place for its customers – such as EU Model Clauses and data processing agreements – that allow for data transfers from the EU to the US.

We also have an intracompany data processing agreement in place reflecting the standards of the EU Data Protection Directive. These data transfer mechanisms, along with our various reports on compliance regarding the technological and organizational measures we have in place, should help to meet the EU data controllers’ obligations under applicable data protection law.

While Rackspace cannot advise customers on how the ruling impacts them specifically, we have always worked with our customers to ensure we have processes in place to help our customers comply with their international data transfer requirements, and that will not change.

In the rare event that our existing data transfer mechanisms prove insufficient for our customers, and customers require EU Model Clauses or data processing agreements in addition to these safeguards, we are more than happy to continue assisting our customers with these requests.

We are committed to helping our customers navigate through this transition period with alternative data transfer mechanisms to help them minimize their compliance risk.

For more information, contact

Sabina Jausovec-Salinas worked as a corporate counsel at Rackspace for eight years, until early 2017. Much of her work focused on privacy, data protection, marketing, advertising, and intellectual property law. She managed the company’s privacy program and supported the in-house marketing department in advertising, direct marketing, promotions, contests, public relations and branding. Sabina has a wide-range of international legal experience in US and EU privacy and data protection law. She has worked in multiple practice areas in Slovenia, the UK, and currently in the US. Sabina holds CIPP/US and CIPT certifications and served as a co-chair of the IAPP KnowledgeNet Chapter in San Antonio. To learn more about Sabina visit



Please enter your comment!
Please enter your name here