On October 23, 2015, the Portuguese Data Protection Authority (Comissão Nacional de Protecção de Dados – CNPD) issued its post-Schrems decision.
Implementing the Schrems decision, and referring also to the WP29’s recent statement, the CNPD prohibited data transfers to the US under Safe Harbor. The Authority stated that it will issue provisional authorizations under systems alternative to the Safe Harbor.
For more information Fábio Freitas de Sousa, Portuguese DPA’s decision regarding Safe Harbor.
The decision (in Portuguese) here