Looking Outside the Prism: How Safe are Data Transfers?

more+
less-
more+
less-

When former NSA contractor, Edward Snowden, leaked documents disclosing the NSA’s mass surveillance programme, known as PRISM, he re-invigorated the debate on, and the media interest in, the validity of the current safeguards for transborder data flows from the European Economic Area (‘EEA’). Following the European outrage at the PRISM scandal, European authorities, activist groups and individuals are left questioning the safety of data of European citizens once outside of the EEA. Recent statements by the European Union Justice Commissioner, Viviane Reding, and the recent vote by the European Parliament's Civil Liberties, Justice and Home Affairs (‘LIBE’) Committee prove that this is a very unsettled area of the law.

Methods of data transfer outside the EEA The vast majority of large global businesses use the European Commission’s standard contractual clauses, commonly known as the ‘Model Clauses’, for the transfer of personal data to third countries or, in relation to transfers to US companies that are members of the US Safe Harbor programme, rely on that company’s Safe Harbor certification. Companies can also gain approval for data exports within their group by obtaining approval of Binding Corporate Rules (‘BCRs’), although, as these haveto be approved by their local data protection authority, the uptake has been reasonably low...

Originally published in the PRIVACY & DATA PROTECTION VOLUME 14, ISSUE 2.

Please see full article below for more information.

LOADING PDF: If there are any problems, click here to download the file.