Norway's data protection authority, Datatilsynet, published revised guidance on international data transfers in the wake of the Court of Justice of the European Union's "Schrems II" decision. The guidance calls on companies to assess the basis for a transfer in advance of execution and apply additional technical, legal or organizational measures to protect data when necessary. Datatilsynet also noted it will not grant companies pre-approval for transfer impact assessments before they are completed.
7 Sept. 2021
Norwegian DPA updates data transfer guidance
RELATED STORIES
Controllers, processors and subprocessors in chains
Notes from the IAPP Canada: Recommendations, calls to reform Privacy Act 'a good start'
A view from DC: Marriott and the minimum extent necessary
Retrospective: 2024 in state sectoral privacy law and AI law
Notes from the Asia-Pacific region: India's PM talks global governance for digital technology