France's data protection authority, the Commission nationale de l'informatique et des libertés, published a draft guide for conducting transfer impact assessments for data transfers outside the European Economic Area. When conducting a TIA, the CNIL recommends data controllers know what data is being transferred, document the transfer tool used, understand the laws in the receiving country, identify and implement any supplemental measures and reevaluate the appropriate level of data protection necessary. The draft consultation period closes 12 Feb.
CNIL opens draft consultation on transfer impact assessments
RELATED STORIES
A view from DC: Can we have symmetry in privacy choices?
Notes from the IAPP Canada: Fall brings youth privacy issues to the forefront
Notes from the Asia-Pacific region: China privacy landscape 'hot and dynamic as ever'
A view from Brussels: Will health data sharing be a blueprint for other domains?
California awaits fate of legislature-approved AI safety bill
