November 2020 in Data Privacy: Schrems Guidance

For us here at Capnion, one of the most notable stories to track this past November was the ongoing regulatory situation in the European Union following the Schrems ruling. Quick review for the uninitiated: earlier this year, a judge in the European Union ruled (in response to a suit filed by Maximilian Schrems) to invalidate a legal framework called Privacy Shield that Facebook and other companies had been using to determine adequate safeguards around wholesale movement of consumer personal data out of the EU. (The specific objection was that Privacy Shield did not do enough to protect EU citizens from surveillance by the United States government.) The present situation is something of a lingering, awkward limbo for companies that depended on Privacy Shield, as there is not yet any clear successor.

The European Data Protection Board did issue some guidance this past month on how to approach the issue, though, and it is very favorable to the way Capnion and Ghost PII approach these problems. (The document itself is available here.) In several places this guidance draws a distinction between standards for tasks which require data to be in the clear (not encrypted or anonymized) and tasks that do not. Naturally, one has considerably more and better options for exporting personal data out of the EU if that data can stay encrypted the entire time.

This sort of thing is of course exactly what Capnion was founded to help you with: letting you accomplish more mission-critical tasks without need of data in the clear!