Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Tag Archives: BCR

Posted in Data Protection & Privacy Photo of Eduardo Ustaran

Thinking Strategically About Brexit and Data Protection

To date, the main legacy of the Brexit referendum of 2016 appears to be a country split in half: some badly wish the UK would continue to be a member of the EU and some are equally keen on making a move. Yet, there seems to be at least one thing on which Remainers and Leavers will agree: nobody knows exactly what is going to happen. The same is true of the effect of Brexit on UK data protection. However, as Brexit day approaches, it is becoming imperative for those

Posted in Data Protection & Privacy

Future-Proofing Privacy: International Data Transfers 2.0

The Data Protection Directive and the Regulation both impose restrictions on the transfer of personal data by EU based businesses (whether those businesses are data controllers or data processors) to destinations outside the EEA. Recap on current framework Transfers of personal data to a third country outside the EEA are allowed under the current Data Protection Directive only if one of the following requirements has been met:   the Commission has established that the third country ensures an adequate level of data protection by reason of its domestic law or as a result of the international commitments it has entered into.

Posted in Data Protection & Privacy Photo of Eduardo UstaranPhoto of Harriet PearsonPhoto of Bret Cohen

EU Data Transfers: Considering Your Options After Friday’s Article 29 Working Party Statement

The EU’s Article 29 Working Party issued a statement on Friday on the recent Schrems decision invalidating the adequacy of the EU-U.S. Safe Harbor framework, emphasizing that affected businesses should start to put in place legal and technical solutions in a timely manner to meet EU data protection standards.  The statement gave a January 2016 deadline for companies to come into compliance with the ruling, at which point EU data protection authorities would be “committed to take all necessary and appropriate actions, which may include coordinated enforcement actions.”  In response, we publish here a

Posted in Data Protection & Privacy Photo of Sarah Taieb

The CNIL Simplifies Formalities Regarding the Implementation of Binding Corporate Rules

On 24 March, the French data protection authority (Commission Nationale de l’Informatique et Libertés – the “CNIL”) announced that it will soon make easier the practical implementation of intra-group transfers of data from French entities to entities located outside the European Union where groups of companies have adopted Binding Corporate Rules (BCRs). BCRs are becoming increasingly popular among multinationals as a legal means for providing adequate protection to personal data (covered by EU Data Protection Directive 95/46/EC) which are transferred from the European Union to countries that are not considered