COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL Exchanging and Protecting Personal Data in a Globalised World
The General Data Protection Regulation ((EU) 2016/679) (GDPR) and the Directive on data protection in the police and criminal justice sector ((EU) 2016/680) (Law Enforcement Directive) will become applicable in May 2018. Both contain measures to strengthen personal data protection in the context of cross-border transfers of personal data for commercial and law enforcement purposes. Both measures were formally adopted on the 27th April 2016 and will come into force in May 2018.
The GDPR provides a suite of mechanisms to transfer personal data from the EU to third countries, including binding corporate rules (BCRs), standard contractual clauses (SCC) and adequacy decisions. Whilst these measures are already available under the current Directive, the reforms seek to simplify and expand their use and encourage the development and use of new approved codes of conduct and certification mechanisms to legitimise data transfers. The present Communication published on 10 January 2017 sets out the Commission's strategy for engaging selected third countries in the future to reach adequacy decisions and promoting data protection standards through international data protection instruments.
- 12 June 2018 Hands-Cash - 128 KB - pdf
- 16 March 2017 Hancock-Boswell - 174 KB - pdf
- 16 March 2017 Hancock-Cash - 171 KB - pdf
- 24 January 2019 James-Cash - 227 KB - pdf
- 24 January 2019 James-Cash attachment - 267 KB - pdf
- 3 September 2018 Hollingbery-Cash - 89 KB - pdf
- 5 October 2018 James & Hollingbery-Cash - 231 KB - pdf
- Document 5191/17 - 417 KB - pdf
- EM 5191/17 - 159 KB - pdf