The EU Data Protection Directive has onerous restrictions regarding the transfer of personal data from the European Economic Area (EEA), such as to the U.S. One way to transfer personal data is through the use of EU approved model data transfer contracts. The EU has recently approved a new more ‘business friendly’ form of model contract which businesses should now consider when weighing up the different options for the transfer of personal data from the EEA.
Global corporations with offices or customers in the European Union should be aware of the latest European Union proposal for compliance with its Data Protection Directive 95/46/EC with respect to internal transfers of information among members of the same corporate group. Interested parties will be submitting comments through September 30, 2003.
As markets become more global, data protection awareness and compliance in transborder data flows is becoming increasingly important. There are important issues for companies wishing to send personal data to countries outside the European Economic Area (EEA). This paper considers in detail the Eighth Principle under the Data Protection Act 1998 (the Act) and the ways in which compliance with its requirements may be achieved.