Safe Harbor→

Ars Technica:

Recognising that the authorities will still need access to stored personal data under certain circumstances, Smith also calls for “an expedited process for governmental entities in the US and EU to access personal online information that is moved across the Atlantic and belongs to each other’s citizens by serving lawful requests directly with the appropriate authority in an individual’s home country.” Requesting governments could only seek information within the limits of their own laws, and the request would be judged by the receiving government based on its rules. “If the designated authority determines the request is consistent with the privacy protections and other requirements of the citizen’s local law, it would validate and give it legal effect, authorizing disclosure,” Smith explains.

It’s a good idea, but the execution would be a mess. That’s a huge amount of different laws for any agency to keep track of, and stuff will fall through the cracks, no doubt about it.