Insights & Publications
© 2018 Debevoise & Plimpton LLP
Draft EU Guidelines on Cross-Border Data Transfer
21 February 2018
View Client Update
The EU's Article 29 Data Protection Working Party has issued draft Guidelines on Article 49 of the EU General Data Protection Regulation, setting out some circumstances when EU personal data can be transferred to the U.S. and other countries that, according to the EU authorities, do not adequately protect personal data.
The Good News: The Working Party has taken a more expansive view of the “establishment, exercise or defence of legal claims” exemption, which may allow for greater information sharing with U.S. authorities and civil litigants.
The Bad News: The public interest, vital Interests, and compelling legitimate interests bases for data transfers remain restrictive.
There is an opportunity to influence the final version of the Guidelines by making a submission to the Working Party by 26 March 2018.
Cybersecurity & Data Privacy
White Collar & Regulatory Defense
Dr. Thomas Schürrle
View More Authors
European Funds Comment: Reporting Emissions in the UK: Further Disclosures Coming
Debevoise Partner Luke Dembosky Keynotes International Cyber Risk Management Conference
Medical Device Cybersecurity Report Advancing Coordinated Vulnerability Disclosure
Debevoise Achieves Top Rankings in
UK Modern Slavery Act Transparency Statement
Debevoise Women's Review