Extract from Epiq’s article “New EU-US Data Transfer Framework Finalized: What Does the Future Hold?”
With data privacy landscapes changing around the globe, how can organizations handle cross-border deals while still remaining compliant? This has been a burning question over recent years.
It is common for organizations to have a global presence or conduct activities in several countries. The need to set up data transfers involving areas subject to strict regulation, such as the EU’s General Data Protection Regulation (GDPR), has created obstacles. An updated framework for data transfers between the U.S. and EU was recently finalized. Affected organizations must understand how this change materialized, new requirements imposed by the framework, and what analysts predict for the future of EU-U.S. data transfers.
The History
For almost 25 years, the EU and U.S. had some type of agreement in place to expedite data transfers while maintaining adequate protections. When the GDPR drastically changed the EU’s privacy landscape, significant revisions to the data transfer process were necessary. Take a look at the timeline:.
- In 2000, the EU-U.S. Safe Harbor Framework was established to allow cross-border transfers. It was deemed invalid in October 2015.
