France's data protection authority, the Commission nationale de l'informatique et des libertés, published a draft guide for conducting transfer impact assessments for data transfers outside the European Economic Area. When conducting a TIA, the CNIL recommends data controllers know what data is being transferred, document the transfer tool used, understand the laws in the receiving country, identify and implement any supplemental measures and reevaluate the appropriate level of data protection necessary. The draft consultation period closes 12 Feb.
CNIL opens draft consultation on transfer impact assessments
Related stories
Home sweet home or location, location, location: The best place for your company's privacy office
Transparency, good data and documentation: How HR can navigate the EU AI Act
Mind matters: Shaping the future of privacy in the age of neurotechnology
A view from DC: The FTC's next priorities
Notes from the IAPP Canada: CPS25 highlights privacy, AI, cybersecurity evolution
