"Many of those data flows are based on contract clauses," he said.
Whether a new Safe Harbor agreement will resolve the questions raised by the court is open to doubt. Some critics have said that, without wholesale reform of U.S. law, it just isn't possible to provide the guarantees EU law requires. And while the majority of the EU's data protection authorities are still studying whether the alternative tools are sufficient, German authorities are so concerned about them that have suspended all new registrations for data exports
Ansip gave a nod to some of those concerns: "It's up to lawyers to say exactly what will be needed. A legally binding administrative decision will be needed to make this Safe Harbor 2.0 bulletproof," he said.
In other words, Safe Harbor's successor isn't safe until it too has been tested by the EU's highest court.
That's the challenge, then, for the U.S. officials that Jourová is waiting to hear from. Next week, she said, she will travel to Washington, "to discuss the issue at the highest political level."
Sign up for CIO Asia eNewsletters.