In its ruling of 6 October 2015 (Case C-362/14, Schrems), the Court of Justice of the European Union (“CJEU”) invalidated the Commission Decision 520/2000/EC on the adequacy of Safe Harbor. As a result, companies were given three-month grace (ending late January 2016) to consider their business processes and to adopt alternative cross-border data transfer mechanisms. In this context, a German regulator has early June fined three international companies, Adobe Systems, Punica, and Unilever for relying on a Safe Harbor agreement and unlawfully transferring personal data to the United States.