October 06, 2015 13:20 ET

EU-US Safe Harbor Ruling Has Massive Implications for Success of New Digital Business Initiatives

Corporations Lacking Strong Identity-Centric Data Security and Governance Controls for EU Citizens Face Significant New Threats to Strategic Growth Initiatives

AUSTIN, TX--(Marketwired - Oct 6, 2015) - UnboundID today warned that a wide range of digital business initiatives ranging from e-commerce, mobile apps, social media, and Internet of Things (IoT) could face significant threats to their launch and adoption in Europe as a result of today's decision by the European Court of Justice. The court declared that the existing EU-US Safe Harbor framework is immediately invalid, and the decision cannot be appealed. This ruling places new restrictions on the use and transfer of European Union citizen data, which may require customer-facing organizations in the EU to provide more stringent customer privacy protections, data security, and transparency for customer data sharing and opt-in/out choices. The impact of this ruling spans not just technical hurdles, but also a reassessment of broader customer engagement strategies with the EU.

"Businesses that assume they will have unfettered use of personal data, largely for marketing purposes, now need to understand that this data isn't free, it doesn't belong to them, and is not faceless," said Steve Shoaff, CEO of UnboundID. "The EU courts have ruled that the use of personal customer data, considered personal property in the EU, must conform to the EU privacy mandate. Companies must begin to change their mindset to being good stewards of an asset owned by their customer -- their personal data. The scope of this ruling has the potential to affect entire marketing strategies."

In addition to more stringent customer privacy protections and data security requirements, the European Court has also introduced a more complex regulatory landscape. The ruling allows each EU member state to verify and enforce rules independently of each other, creating a fragmented compliance burden on multinational companies.

These new requirements can affect the implementation of new digital business initiatives that seek to engage customers across multiple channels and devices, such as the web, mobile apps, over the phone, and in retail stores. These engagement strategies must now implement a globally unified identity service that is also capable of enforcing local data privacy rules. This includes exposing customer consent and preference choices consistently across channels and devices, and enforcing customer choices consistently to provide control over how personal data is used.

"Organizations that do business with citizens of the EU are at a crossroads," said Shoaff. "Fundamental questions need to be asked about business models, and how organizations will earn customer loyalty and trust in the future. Although organizations will likely pursue various EU side agreements to shield themselves from legal challenges in the short term, ultimately these organizations will recognize that enabling customers to self-manage preferences, opt-ins/outs, and privacy consent will enhance the customer experience and speed adoption of new life changing advances in digital engagement and IoT."

About UnboundID Corp.
UnboundID provides the industry's leading software platform for identity and preference management. Enterprise customers select the UnboundID Platform to modernize traditional Identity and Access Management systems, and enable new customer-facing digital business initiatives that provide real-time personalization and delivery of a consistent customer experience across channels and devices. Some of the world's largest and most demanding companies in financial services, retail, hospitality, telecommunications, and healthcare rely on UnboundID to manage and protect their identity and preference data across application portfolios and systems of engagement. To learn more, visit

Contact Information