On April 11, 2011, the International Trade Administration (ITA) posted a notice in the Federal Register seeking comments on proposal to collect information for the U.S.-EU Safe Harbor Privacy Framework.
In response to the European Union Directive on Data Protection that restricts transfers of personal information from Europe to countries whose privacy practices are not deemed "adequate," the U.S. Department of Commerce has developed a "Safe Harbor" framework that will allow U.S. organizations to satisfy the EU Directive's requirements and ensure that personal data flows to the U.S. occur without interruption. The framework bridges the differences between the EU and U.S. approaches to privacy protection.
As of December 10, 2010, 2,415 U.S. organizations have been placed on the Safe Harbor List. Organizations that have signed up to this list are deemed "adequate" under the Directive and do not have to provide further documentation to European officials.
The Safe Harbor List is necessary to make the Safe Harbor agreement operational, and will be used by EU organizations to determine whether further information and contracts will be needed for a U.S. organization to receive personally identifiable information.