However, in its judgment of 6 October 2015, the Court of Justice of the European Communities (ECJ) held that in the United States, the same level of data protection does not exist and that personal data is not sufficiently protected in the United States. In this context, the ECJ invalidated the European Commission`s ruling on the Safe Harbor, thus depriving the legal basis for the transfer of personal data to the United States on the basis of the Safe Harbor Decision. Following a dispute between Austrian data protection advocate Max Schrems, it was decided that US data protection law was insufficient and that it was necessary to invalidate the agreement. The Safe Harbor Agreement between the EC and the US government essentially promised to protect EU citizens` data when it is transferred from US companies to the US. Therefore, based on the Safe Harbor Decision, the personal data of customers, internet users and employees of EU Member States may be transferred to the United States and stored and processed without further conditions (e.g. B the consent of the data subject). The only prerequisite is that U.S. companies commit to the Safe Harbor Principles (an obligation to comply with EU data protection standards) and sign up for a U.S. Department of Commerce`s “Safe Harbor List.” Some analysts probably see the EUCJ ruling as damaging the new Safe Harbor negotiations and will not help. In a two-year-old case, which was brought before the EU`s highest court by Austrian data protection defender Max Schrems, the EUCJ ruled that the European Commission`s transatlantic data protection agreement, which entered into force in 2000, was invalid because it did not adequately protect consumers after the Snowden revelations. In the meantime, encryption may contain the response to maintaining data transfer, while a new agreement is reached….