To date, the main legacy of the Brexit referendum of 2016 appears to be a country split in half: some badly wish the UK would continue to be a member of the EU and some are equally keen on making a move. Yet, there seems to be at least one thing on which Remainers and Leavers will agree: nobody knows … Continue Reading
The Data Protection Directive and the Regulation both impose restrictions on the transfer of personal data by EU based businesses (whether those businesses are data controllers or data processors) to destinations outside the EEA.
Recap on current framework
Transfers of personal data to a third country outside the EEA are allowed under the current Data Protection Directive only if one … Continue Reading
The EU’s Article 29 Working Party issued a statement on Friday on the recent Schrems decision invalidating the adequacy of the EU-U.S. Safe Harbor framework, emphasizing that affected businesses should start to put in place legal and technical solutions in a timely manner to meet EU data protection standards. The statement gave a January 2016 deadline for companies to come … Continue Reading
On 24 March, the French data protection authority (Commission Nationale de l’Informatique et Libertés – the “CNIL”) announced that it will soon make easier the practical implementation of intra-group transfers of data from French entities to entities located outside the European Union where groups of companies have adopted Binding Corporate Rules (BCRs). BCRs are becoming increasingly popular among multinationals … Continue Reading