Information Commissioner’s Office (ICO) looks at the key GDPR points over international data transfer
Greater restrictions are set to be in place for the international transfer of data when the new GDPR comes into force next month. Current legislation already imposes restrictions and caveats on data transferred outside the EU, but the new changes are set to ensure that the additional protection GDPR allows for is not undermined outside of Europe.
In an increasingly globalised society, it’s easy for data to be fired around the world in a matter of seconds, but data moved outside of the UK cannot be allowed to be more vulnerable.
One of the issues that is being looked at in the We-Vibe data protection cases is the fact that user data may have been transferred outside of the UK to the headquarters of the company behind the product in Canada. This in itself can be a breach of data protection rules, particularly where a person does not authorise their data being transferred outside of the country.
A number of changes the new GDPR will enforce when it comes to international data transfer include:
- Compliance of Chapter V of the GDPR must be met for data being transferred outside of the EU
- Adequate protection of data transferred outside the EU must be assured
- Adequate safeguards should be in place for the international recipient of the data
- People’s rights and legal remedies must be effective and enforceable
Things like legal agreements, contractual clauses, shared rules, shared compliance, proper certification and other administrative arrangements must be enforced. At present, too few organisations have any form of processes or procedures for data being shared or moved in the UK, so sharing it abroad will be thoroughly enforced as well when GDPR becomes effective.
Informed consent and knowledge of the data subjects will also be at the heart of the new rules.
As we have covered before, any failure to adhere to the new GDPR rules could land an offending organisation in serious trouble. Fines alone could be in the millions, so compliance is compulsory!
You can read more on the ICO website here.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a Callback from our team!
Fill out our quick call back form below and we’ll contact you when you’re ready to talk to us.
All fields marked * are required.
You have the right to object to the processing of your personal data.