German privacy watchdogs have told companies to conduct their own checks of US companies’ conduct before passing personal data to them, even if they are signed up to the EU-US ‘Safe Harbor’ data protection scheme. It has said that companies must not simply take US companies’ word on their compliance with EU privacy principles if they plan to send personal data to them. European Union laws on privacy are amongst the world’s strictest, and companies are not allowed to send personal data to countries outside the European Economic Area unless there is a guarantee that it will be protected as well there as it is in the EU.