Last week the European Court of Justice issued the Schrems decision, which invalidated the Safe Harbor provision for transfer of personal, private data from Europe to the United States. While this decision is certainly going to affect U.S. companies such as Google and Facebook, I believe it will affect all U.S. companies in their anti-corruption compliance programs going forward, in ways both known and unknown at this point.
The first way it will affect U.S. companies at this time is through hotline reporting. All U.S. companies use Safe Harbor provision to bring any information developed in through calls to whistleblower hotlines back to the United States. Such a mechanism is no longer possible as the Schrems decision had immediate effect. Such information will, for the foreseeable future, have to remain in Europe or perhaps the country where it was developed.
