Are there ways to deal with data transfer from EU to US in light of the ECJ opinion?

In light of the opinion issued by ECJ Advocate General Yves Bot in September essentially striking down US-EU Safe Harbor, companies are faced with determining alternatives to data transfer. For companies without EU-local strategies for managing personally identifiable information (PII), there are few options.

• Consent of the subject is impractical which leaves model clauses that can be incorporated into agreements to ensure adequate protection of the transferred personal data.
  

• For most firms that are ultimately using this data for business purposes, they fall into the category of Data Controllers. Controllers are the entities employing personal data. For the firms providing services to transfer or otherwise manage the data, they are Data Processors.
  

• So, as you figure out where you fit in the global personal information management paradigm, determine if you are a processor, controller, or both; then figure out if you still want to play on this precarious global stage. And for those who have no choice, may the data management spirits be with you.