Given its relatively recent enactment date, the U.S. Clarifying Lawful Overseas Use of Data Act’s compatibility with the EU General Data Protection Act is still an open question. With regard to data transfer to third countries for which such transfer is subject to the GDPR, Articles 44 to 50 of the GDPR apply. In particular, Article 48 of the GDPR comes into play when EU data is being requested by a U.S. law enforcement agency. In this article for The Privacy Advisor, Walter Delacruz, CIPP/E, CIPP/US, and Matthias Artzt, CIPP/E, discuss the CLOUD Act’s impact on the GDPR and how to comply.
If you want to comment on this post, you need to login.