Document Type


Publication Title

Houston Law Review

Publication Date



For almost a decade, the United States and Europe have anticipated a clash over the protection of personal information. Between the implementation in Europe of comprehensive legal protections pursuant to the directive on data protection and the continued reliance on industry self-regulation in the United States, trans-Atlantic privacy policies have been at odds with each other. The rapid growth in e-commerce is now sparking the long-anticipated trans-Atlantic privacy clash. This Article will first look at the context of American e-commerce and the disjuncture between citizens' privacy and business practices. The Article will then turn to the international context and explore the adverse impact, on the status quo in the United States, of European data protection law as harmonized by Directive 95/46/EC of the European Parliament and of the Council of 24 Oct. 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Following this analysis, the Article will show that the “safe harbor” agreement between the United States Department of Commerce and the European Commission--designed to alleviate the threat of disruption in trans-Atlantic data flows and, in particular, to mollify concerns for the stability of online data transfers--is only a weak, seriously flawed solution for e-commerce. In the end, extra-legal technical measures and contractual mechanisms might minimize privacy conflicts for e-commerce transactions, but an international treaty is likely the only sustainable solution for long-term growth in trans-border commercial interchange.

Included in

Internet Law Commons