U.S. Corporate Travel Players Weigh Options For Complying With EU Data Protection Rules

Keeping compliant with the European Union's tough personal data privacy laws used to be straightforward. The EU exercises stricter data privacy laws than the United States. That's why it also has rules ensuring that transfers of data about its citizens across the Atlantic must comply with its more stringent standards. Meanwhile, many of the corporate travel industry's dominant service providers, and thus their primary data servers, are based in the United States. They import data about individuals—including names, employers, where the employees travel and credit card details—from Europe on a daily basis, and under a framework called Safe Harbor, U.S. companies could declare they transferred data in a compliant manner.