France's data protection authority, the Commission nationale de l'informatique et des libertés, published a draft guide for conducting transfer impact assessments for data transfers outside the European Economic Area. When conducting a TIA, the CNIL recommends data controllers know what data is being transferred, document the transfer tool used, understand the laws in the receiving country, identify and implement any supplemental measures and reevaluate the appropriate level of data protection necessary. The draft consultation period closes 12 Feb.
CNIL opens draft consultation on transfer impact assessments
RELATED STORIES
A view from DC: Our data, ourselves
Notes from the IAPP Canada: Privacy law teaching, training and turkey
Notes from the Asia-Pacific region: Quiet, contemplation follows introduction of initial Australia Privacy Act reforms
A view from Brussels: Trans-Atlantic transfers deal gets thumbs-up as adequacy remains a strategic priority
US courts, regulators weigh in on online tracking in health care