DIGITALEUROPE’S INPUT ON INTERNATIONAL DATA TRANSFERS UNDER THE GDPR (FABLAB CONFERENCE)

On 18 October 2017, the Article 29 Working Party (WP29) organized its regular FabLab event on the General  Data Protection Regulation (GDPR). The event had two sessions (1) on the international data transfers and (2)  on transparency under the GDPR.

DIGITALEUROPE responds to the questionnaire sent to stakeholders ahead of the international data transfers  session, raising few key aspects for further consideration:

1. Chapter V “Transfers of personal data to third countries or international organisations” could benefit  from further clarification and simplification of the rules;
2. Adequacy decisions should focus on the outcome rather than the content; hence, couldn’t be solely  based on GDPR;
3. EU diplomatic toolbox should be used to (1) strengthen the slow progress of the development of  international norms and (2) address the wide-ranging powers on national intelligence agencies;
4. Access mechanisms differ from transfer mechanisms;
5. Certification methodology needs to be both agile and robust, and it should certify a minimum set of  requirements for a Privacy Program. It should also leverage international experience around  certification.

DIGITALEUROPE supports the efforts to increase the dialogue with stakeholders throughout the GDPR implementation process.