The European Data Protection Board announced guidelines related to the interplay between data transfers and territorial scope under the EU General Data Protection Regulation. The guidance offers three "cumulative criteria" that would categorize data processing as a transfer. Notably, the board explicitly said it does not consider a transfer to be the "collection of data directly from data subjects in the EU at their own initiative." EDPB Chair Andrea Jelinek said the guidance presents "a consistent interpretation of the concept of 'international transfers.'" Editor’s note: IAPP Editorial Director Jedidiah Bracy, CIPP, reported on data transfer updates provided by EU officials at the IAPP Data Protection Congress 2021.
19 Nov. 2021
EDPB adopts guidance with data transfer clarifications
RELATED STORIES
What to know about the new Canadian government PIA standard
Notes from the IAPP Canada: 'The Debaters' battle it out over privacy
A view from DC: What does a second Trump presidency mean for privacy, AI governance?
A view from Brussels: Global Privacy Assembly explores the 'Power of i'
What the US election results may mean for digital policy
