WHEN IT COMES TO GLOBAL DATA PRIVACY COMPLIANCE, ALL ROADS LEAD TO THE EU'S GDPR!
Paul M. Robertson, Esq. and Melanie J. McCauley, Esq.
This is Part 2 in a series on global data privacy compliance.
Countries around the world have taken a variety of approaches to the regulation of data privacy, acting either independently or as part of regional coalitions.?Although various surveys of global privacy laws are available, considerable disparities exist among the approaches. A synthesis of the various approaches is difficult.?In light of these differences, developing a global data privacy approach can be daunting.
领英推荐
That said, the cross-border transfer restrictions that have been developed in the EU, currently in the form of the 2018 General Data Protection Regulation (“GDPR”), are particularly stringent and detailed.?For that reason, a company that adopts data transfer policies to comply with EU restrictions will also be found to be generally in compliance with the restrictions established in most other jurisdictions. As a consequence, it is reasonable to formulate one’s global data transfer strategies by first focusing on the options available for ensuring compliant cross-border transfers emanating from the EU.??Those solutions can then be leveraged and, as necessary, tweaked to ensure compliance with the law of other jurisdictions.
Those entities seeking to make compliant data transfers from the EU have developed a number of solutions to these restrictions.?These solutions have morphed and evolved over the years, evolving as the underlying EU restrictions have themselves been revised, interpreted, and enforced, in the form of the GDPR and its precursors.?The EU has been a veritable incubator for the development and stress-testing of data-transfer law and compliant solutions.
In future articles in this series, we will provide a glossary of relevant terms, describe the GDPR’s restrictions on the cross-border transfer of personal data, discuss the tools available to comply, and provide guidance on how best to move forward.?We will also consider the impact that these opposing, and sometimes conflicting, influences and interests have on those who use and transfer data across borders.?Using the GDPR as a model, the data privacy practitioner will, in the end, be left with an outline for a systematic approach to data privacy transfers across borders, and suggested best practices. Continue to stay tuned!
Freelance Writing/Editorial Services
2 年Interesting. It would be very difficult to know which regulations to follow but, as you say, starting with the EU provides a reasonable path forward.
Data Scientist | Mixed Methods Researcher | Trainer | Animal Lover
2 年Deborah Hinck
Attorney at DeMoura|Smith LLP
2 年Reproduced with permission from Bloomberg Law, Privacy and Data Security Practice Portfolio Series, Chapter II: Cross-Border Data Transfers, by Paul M. Robertson, Esq., and Melanie J. McCauley, Esq., ? 2022 by The Bureau of National Affairs, Inc. (800-372-1033).?For a full copy of the underlying article, see https://www.bna.com.? ? This information is for informational purposes is not intended to constitute legal advice and may be out of date by the time it is read.?Readers are invited to contact the author at [email protected] to obtain advice with respect to any particular issue.