Talk privacy and network with local members at IAPP KnowledgeNet Chapter meetings, taking place worldwide.
IAPP Job BoardLooking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.
IAPP CalendarReview a filterable list of conferences, KnowledgeNets, LinkedIn Live broadcasts, networking events, web conferences and more.
Chinese Personal Information Protection (CIPP/CN)
Learn compliance with the three major laws (PIPL, CSL, DSL) forming the framework of Chinese privacy.
Artificial Intelligence Governance ProfessionalLearn how to create and implement policies and procedures that make the most of AI’s potential by reducing its risks.
European Data Protection (CIPP/E)Understand Europe’s framework of laws, regulations and policies, most significantly the GDPR.
U.S. Private-Sector Privacy (CIPP/US)Steer a course through the interconnected web of federal and state laws governing U.S. data privacy.
Canadian Privacy (CIPP/C)Learn the intricacies of Canada’s distinctive federal/provincial/territorial data privacy governance systems.
Privacy Program Management (CIPM)Develop the skills to design, build and operate a comprehensive data protection program.
Privacy in Technology (CIPT)Add to your tech knowledge with deep training in privacy-enhancing technologies and how to deploy them.
Foundations of Privacy and Data ProtectionIntroductory training that builds organizations of professionals with working privacy knowledge.
Privacy Law Specialist Training (PLS)
Meet the stringent requirements to earn this American Bar Association-certified designation.
CIPP/CN Certification
For professionals who are responsible for compliance with China's major privacy laws - PIPL, DSL, CSL.
AIGP Certification
Ensures individuals responsible for AI systems can reduce the risks associated with this technology.
CIPP Certification
The global standard for the go-to person for privacy laws, regulations and frameworks
CIPM Certification
The first and only privacy certification for professionals who manage day-to-day operations
CIPT Certification
As technology professionals take on greater privacy responsibilities, our updated certification is keeping pace with 50% new content covering the latest developments.
FIP Designation
Recognizing the advanced knowledge and issue-spotting skills a privacy pro must attain in today’s complex world of data privacy.
Privacy Law Specialist
The first title to verify you meet stringent requirements for knowledge, skill, proficiency and ethics in privacy law, and one of the ABA’s newest accredited specialties.
Certificação CDPO/BR
Mostre seus conhecimentos na gestão do programa de privacidade e na legislação brasileira sobre privacidade.
Access all reports and surveys published by the IAPP.
The IAPP publishes longform, web-based resource articles to provide in-depth analysis on relevant topics in the privacy space.
Access all white papers published by the IAPP.
Access all infographics published by the IAPP.
The Privacy Advisor Podcast provides interviews with the privacy world's most interesting voices.
The IAPP's video library provides insights, reactions and opinions on a range of topics, including regulatory developments, areas of privacy operations management and more.
On this topic page, you can find the IAPP’s collection of coverage, analysis and resources covering AI connections to the privacy space.
On this page, you’ll find articles and tools to help you get a basic understanding of the job of the privacy pro and data protection laws and practices around the globe.
Global Privacy Summit
The world's largest forum for connecting with other privacy, AI governance and digital responsibility professionals. Call for proposals is open.
Navigate: Digital Policy Leadership Retreat 2025
A new event focused on digital regulation, risk and responsibility. Co-hosted by the Berkman Klein Center for Internet & Society at Harvard University and the IAPP.
Asia 2025: Privacy Forum + AI Governance Global
With 2 events in 1, IAPP Asia 2025 will expand your skill set in two disciplines with practical advice from the region’s top minds.
AI Governance Global North America
Join us in Boston as we focus on the unique and broad array of challenges AI governance professionals face in North America.
Privacy. Security. Risk. 2025
P.S.R. focuses on the intersection of privacy, AI governance, digital responsibility and technology. Register today for the San Diego event.
ANZ Summit
Join us in Sydney for the region’s top event in privacy, AI governance and digital responsibility.
Canada Privacy Symposium
The call for speaking proposals is open. Submit your idea by 19 Oct. 2025 for a chance to speak at Symposium.
Europe Data Protection Congress
Meet us in Brussels to learn about the latest in privacy, AI governance and cybersecurity law.
Speak at an IAPP eventView our open calls and submission instructions.
Sponsor an eventIncrease visibility for your organization — check out sponsorship opportunities today.
Resource Center / Topic Pages / International Data Transfers
TOPIC PAGE
Navigate by Topic
On this topic page, you can find the IAPP’s collection of coverage, analysis and resources related to international data transfers.
Implementing Trans-Atlantic Transfers
This chart outlines key changes and requirements for U.S., EU, UK and Swiss organizations implementing transatlantic transfers.
Read More
US rules on transborder data flows
This video unpacks U.S. rules on transborder data flows and helps entities beginning to develop their compliance strategies.
Read More
The future of global data flows
In this article, Hogan Lovells Partner Eduardo Ustaran analyzes the future of global data flows in an uncertain world.
Read More
This page will stay updated with the latest resources covering the EU-U.S. Data Privacy Framework.
Read More
Global data transfer contracts
This infographic shows the jurisdictions that have taken steps to standardize draft contractual clauses for transferring personal data internationally.
Read More
This infographic shows the jurisdictions that vest powers in a regulator or authority to designate jurisdictions as having “adequate” data standards.
Read More
Implementing Trans-Atlantic Transfers
How could Trump administration actions affect the EU-US Data Privacy Framework?
Bindl v Commission: Reaction and insights from Thomas Bindl
European General Court renders impactful decision on data transfer litigation
European Commission report reviews progress of EU-US DPF
Bridging the Atlantic: EU-US data transfers and the data privacy framework
Functions of EU-US Data Privacy Framework take shape
Why should my company join the EU-US Data Privacy Framework?
UK-US Data Bridge becomes law, takes effect 12 Oct.
EU-US Data Privacy Framework – Guidance and Resources
EU-US data adequacy litigation begins
The EU-U.S. Data Privacy Framework in practice
European Commission adopts EU-US adequacy decision
EU-U.S. Data Privacy Framework: New Independent, Binding Redress Mechanism
MEPs urge European Commission to reject EU-US adequacy
The EU-US Data Privacy Framework and next steps for data transfers
From Privacy Shield to the Trans-Atlantic Data Privacy Framework
Privacy Shield and the UK — FAQs
New SCCs are coming soon, but a Privacy Shield replacement remains on the horizon
Industry gauges future of Privacy Shield replacement
Will Privacy Shield’s demise usher in an era of transparency? Part 2
Israel’s Privacy Shield announcement: Tiptoeing between the EU and US
Irish DPC tells Facebook to stop transferring data to the US: Should panic ensue?
EU, US initiate talks on potential ‘enhanced’ Privacy Shield
Schrems, Ustaran react to CJEU’s ruling on Privacy Shield, SCCs
CJEU invalidates EU-US Privacy Shield; SCCs remain valid
What Privacy Shield organizations should do in the wake of ‘Schrems II’
The ‘Schrems II’ decision: EU-US data transfers in question
EU Standard Contractual Clauses (Word documents)
Transfer Impact Assessment Templates
China’s Standard Contractual Clauses (English translation)
Argentina’s AAIP endorses Ibero-American Data Protection Network SCCs
A look at what’s in China’s new SCCs
Chinese SCCs are here: Are you ready?
RIPD publishes guidelines for international data transfers
Bird & Bird EU Standard Contractual Clauses Generator
How China’s draft SCCs compare with EU SCCs
European Commission publishes Q&A on SCCs for data transfers
Why it is unlikely the announced supplemental SCCs will materialize
Can the new standard contractual clauses work for small business?
Swiss DPA approves use of European Commission’s SCCs
Getting acclimated with updated SCCs
Top-10 do’s and don’ts for service providers implementing the new SCCs with EU customers
The updated standard contractual clauses — A new hope?
New SCCs are coming soon, but a Privacy Shield replacement remains on the horizon
What to expect when you’re expecting… SCCs — Canadian edition
Schrems II’: What the EDPB Recommendations and Modernized SCCs Mean for You
European Commission publishes proposed replacement SCCs
New EU SCCs: A modernized approach
What to expect on revised standard contractual clauses
Supplementing SCCs to solve surveillance shortfalls
BCRs as a robust alternative to Privacy Shield and SCCs
Global Cross-Border Privacy Rules – Guidance and Resources
Transfer Impact Assessment Templates
EU Standard Contractual Clauses (Word documents)
Schrems addresses emerging questions around EU-US Data Privacy Framework
European commissioner discusses EU-US Data Privacy Framework, potential GDPR reform
Bindl v Commission: Reaction and insights from Thomas Bindl
European General Court renders impactful decision on data transfer litigation
A glimpse into the future of cross-border data regulation
Controllers, processors and subprocessors in chains
German court decision signals move toward risk-based approach to data transfers
IAPP P.S.R. 2024: The blueprint to protecting US data from adversarial regimes
Brazil’s new regulation on international data transfers
The many faces and fora for data flows and digital trade
Need for global international data transfer rules ‘urgent’
Cross-border law enforcement requests: A complex balancing act
How US national security interests may lead to a multilateral treaty on data privacy
Pay, OK or a third way: Context, analysis from the EDPB’s opinion
Protecting Americans’ Data from Foreign Adversaries Act
Data minimization: An increasingly global concept
Unlocking global data privacy interoperability with CBPRs
IAPP GPS 2024: Localization, adequacy define current data transfer landscape
China’s new cross-border data transfer regulations: What you need to know and do
New rules of the road can sustain US leadership on interoperable digital data flows
OECD privacy, AI leaders come together to bridge gaps
US executive order will address brokers’ sensitive data transfers to ‘countries of concern’
ASEAN publishes EU transborder data flow guide
European Commission upholds 11 adequacy decisions
Bridging the Atlantic: EU-US data transfers and the data privacy framework
Functions of EU-US Data Privacy Framework take shape
Reynders announces European Commission’s latest international data transfer plans
Data without borders: EU e-Evidence package facilitates access to private data across jurisdictions
Argentina’s AAIP endorses Ibero-American Data Protection Network SCCs
Why should my company join the EU-US Data Privacy Framework?
UK-US Data Bridge: What it means, how to implement and what is next
UK-US Data Bridge becomes law, takes effect 12 Oct.
EU-US data adequacy litigation begins
EU-US Data Privacy Framework adopted, what now?
The EU-U.S. Data Privacy Framework in practice
EU data transfers: The latest and what comes next
European Commission adopts EU-US adequacy decision
A practical comparison of the EU, China and ASEAN standard contractual clauses
The Atlantic Declaration: Data bridges, privacy and AI
Unpacking the DPC’s data transfers decision
Meta fined GDPR-record 1.2 billion euros in data transfer case
From Privacy Shield to the Trans-Atlantic Data Privacy Framework
Frequently Asked Questions & Resources on ‘Schrems II’
A trans-Atlantic comparison of a real struggle: Anonymized, deidentified or aggregated?
In wake of global data transfer complexity, need for multilateral treaty grows
EDPB taskforce releases ‘Schrems II’ claims report
EDPB/DPC decisions on data transfers: What is expected?
Keynote Panel Discussion on GDPR (IAPP Global Privacy Summit 2023)
Privacy beyond checkmarks: How to Navigate Cross-border Transfers
EU-U.S. Data Privacy Framework: New Independent, Binding Redress Mechanism
Chinese SCCs are here: Are you ready?
International data transfers: Time to rethink binding corporate rules
EDPB welcomes ‘improvements’ to EU-US adequacy decision, concerns remain
A look at what’s in China’s new SCCs
MEPs urge European Commission to reject EU-US adequacy
Text comparison of principles for commercial transfers: From Privacy Shield to DPF
EU-US draft adequacy decision arrives, EU process begins in earnest
Pressure points remain with EU-US Data Privacy Framework
Data transfers: A triangle with zero trust, not zero risk?
DPC 2022: EU-US Data Privacy Framework on track, Schrems challenge to come
Data transfers: Could a technical solution be the future?
ICO – Transfer Risk Assessment Guidance
Operating the U.S. Cloud Under Schrems II
Cross-border Data Flows: Taking stock of Key Policies and Initiatives
The EU-US Data Privacy Framework and next steps for data transfers
Implications of EU-US Data Privacy Framework as adequacy decision looms
White House executive order brings EU-US data flow deal closer to finish line
The EU-US Data Privacy Framework: A new era for data transfers?
‘Data transfer theater:’ The US and Israel take the stage
UK-US data access agreement takes effect
Sample Data Processing Agreement – Hubspot
China cross-border data transfer mechanism and its implications
Will China’s new certification rules be a popular legal path for outbound data transfers?
EDPB releases opinion on EU-Russia data transfers
Irish DPC files draft order to halt Meta’s data transfers to US
Data transfers in the data strategy: Understanding myth and reality
The Global Cross Border Privacy Rules Forum
CNIL issues compliance notices, Q&A for data transfers with Google Analytics
European Commission publishes Q&A on SCCs for data transfers
US Commerce Dept. announces ‘historic’ Global CBPR Forum for data transfers
Officials ‘thrilled’ with EU-US data flows agreement, ‘work continues’ on finalization
EU, US agree ‘in principle’ to new trans-Atlantic data agreement
Top 5 operational impacts of China’s PIPL — Part 5: International data transfers
Data portability in the EU: An obscure data subject right
Data transfers, UK GDPR reform top of mind at DPI: UK
Data Transfer Enforcement, Risk and Compliance: What You Need to Know Now
Privacy and security for big data processing in the financial sector
Doing business across borders — A global future or a splintered internet?
EDPB discusses data transfer guidance considerations, key points
New EDPB guidelines define international transfers: Dancing in place
A globalized CBPR framework: Peering into the future of data transfers
Confusion about the meaning of ‘Schrems II’ impedes global data flows
Companies urge data transfer deal before US-EU Trade and Technology Council
The UK’s new plans for data transfers: An interview with Joe Jones
FAQs for UK ICO’s data transfer consultation – including approach to EU SCCs
Can the new standard contractual clauses work for small business?
EU considers canceling trade, data flow talks with US
Researchers seek to simplify transfers of EU health data
A year after ‘Schrems II’ ruling, uncertainty remains
The road ahead in an uncertain world of cross-border data transfers
European Commission adopts UK adequacy decisions
EDPB rapporteur details board’s supplementary measures
EDPB’s data transfer recommendations adopt a risk-based approach with teeth
EU-US data transfer deal still work in progress, despite new alliance
Demystifying data transfers to US data importers: Looking at ‘Schrems II’ from a different angle
The Irish High Court judgment on EU-US data flows
Why the Biden administration should ‘go big’ on global data transfers solution
Biden appoints Christopher Hoff to oversee Privacy Shield talks
Do B2B companies not based in the EU need to comply with the GDPR?
Stuck in the middle with you: When US discovery orders hit GDPR
LIBE meeting scrutinizes path forward for EU-US data transfers
Is the EU’s approach to data transfers the best path forward?
EC calls for harmonization, addresses data transfers in GDPR review
Privacy across borders: Enforcement and prescriptive jurisdiction
Announcing the new Cross-Border Data Forum
A look at data transfers under different data protection regulations
Countdown to GDPR: Part 3 — Cross-border data transfer
Top 10 operational impacts of the GDPR: Part 4 – Cross-border data transfers
