European Union (EU) privacy regulators has given the European Commission and US Government three months to come up with an alternative solution over their data sharing practice.
As per the US-EU Safe Harbor Framework, US firms can transfer personal data outside the European Union in a way that is consistent with the EU Data Protection Directive.
Last week, the European Court of Justice ruled that the EU-US agreement is invaild, impacting tech giants such as Google, Facebook, and Yahoo who use the Safe Harbor Framework.
The data protection authorities said in a statement, "If by the end of January 2016, no appropriate solution is found with the U.S. authorities and depending on the assessment of the transfer tools by the Working Party, EU data protection authorities are committed to take all necessary and appropriate actions, which may include coordinated enforcement actions."
The regulators said an inter-governmental agreement should be negotiated on providing stronger privacy guarantees to EU citizens, including oversight on government access to data and redress mechanisms.
Businesses are also advised to reflect on the eventual risks they take when transferring data and consider placing any legal and technical solutions to mitigate those risks and respect the EU data protection.
The EU and the US failed to reach a new deal to replace the Safe Harbor even though they have been in negotiations over the last two years.