January 21, 2018

January 19, 2018

Subscribe to Latest Legal News and Analysis

January 18, 2018

Subscribe to Latest Legal News and Analysis

European Commission Unveils Data Economy Package: International Data Transfers

On January 10, 2017, the European Commission unveiled the “last major Digital Single Market initiatives” addressing Europe’s digital future.  These initiatives comprise the following:

  • A proposal for a Regulation on Privacy and Electronic Communications (E-Privacy Regulation) (see our post here);

  • A Communication on “Building a European Data Economy” (see our post here); and

  • A Communication on exchanging and protecting personal data in a globalized world.

(There is also a proposal for a Regulation on data protection rules applying to European institutions which InsidePrivacy is not reporting on.)

This post summarizes the Communication on exchanging and protecting personal data in a globalized world, which sets out the Commission’s plans to expand mechanisms for data transfers out of the European Union in the coming months and years.

The Communication discusses a number of topics:

  • Adequacy decisions (immediate priorities are Japan and South Korea). The Commission will prioritize discussions relating to adequacy decisions to enable data flows to Japan and Korea in 2017, and also potentially India.  Countries in Latin America (in particular Mercosur (the sub-regional bloc of Argentina, Brazil, Paraguay, Uruguay and Venezuela)) and non-EEA countries geographically near Europe are also identified as priorities.  The Commission also re-commits to the ongoing monitoring of existing adequacy decisions (including the EU-U.S. Privacy Shield decision).

  • Facilitating trade and effective enforcement by protecting privacy and international cooperation mechanisms. The Commission will also work in a range of fora with third countries that are engaged in promoting and adopting data protection laws to encourage data protection principles akin to those in the EU.  For example, the Commission will encourage third countries to accede to Council of Europe Convention 108 and its additional Protocol, and will push for the Convention’s modernization and accession of the EU as a party to that Convention.

  • Alternative data transfer mechanisms. The Commission will work with stakeholders to develop alternative personal data transfer mechanisms adapted to the particular needs or conditions of specific industries, business models and/or operations.  (Such mechanisms could comprise codes of conduct or sector-specific adequacy decisions, for instance.)

Also notably, in a section reporting on cross-border transfers of data by service providers in response to requests from law enforcement authorities, the Commission states that it will outline options to reform “access to electronic evidence” in June 2017.

© 2018 Covington & Burling LLP


About this Author

Daniel Cooper, Information Technology, Attorney, Covington Burling, law firm

Daniel Cooper advises clients on information technology regulatory issues, particularly data protection, e-commerce and data security matters. 

Mr. Cooper has successfully represented clients in the pharmaceutical research, biotech, sports and financial services sectors, among others, before national data protection regulators and EU-level authorities, including European Union and Council of Europe institutions.  According to the latest edition of Chambers UK (2014), clients note that he "is extremely knowledgeable and provides practical and comprehensive advice."  The guide...

Legal, Business,  Ezra Steinhardt, Technology and Media Group Attorney, Covington

Ezra Steinhardt is an associate in the technology and media group in the London office.  His practice encompasses data privacy, information technology, international trade, and legislative advocacy.

Mr. Steinhardt advises leading internet, technology and pharmaceutical companies and trade consortia on a diverse range of regulatory compliance and law reform issues.  This includes policy advocacy and strategic advice on data protection and data security, consumer protection, interception of communications, copyright, and other internet-related issues. 

44 (0) 20 7067 2381
Joseph Jones, Covington Law Firm, Technology and Media Attorney

Joe Jones is an associate in the technology and media practice group, having joined the firm as a trainee solicitor in 2014.

Mr. Jones advises emerging and leading companies on data protection and intellectual property issues, including cybersecurity, copyright, trademarks, and e-commerce. He has experience advising companies in the technology, pharmaceutical, and media sectors. His practice encompasses regulatory compliance and advisory work. He regularly provides strategic advice to global companies on complying with data protection laws in...

207-067- 2193