EU sets data transfer rules

European companies will be able to provide a legal means of transferring private data outside of the European Union (EU) from 1st April when new clauses come into effect.

The new alternative model contract clauses will mean there will be a framework in place that allows transfers of personal data outside of the EU within the strictures of the EU data directive.

The European Commission accepted several proposal put forward by international business associations, such as the Confederation of British Industry (CBI) and the International Chamber of Commerce (ICC) in the UK. The proposals set out what constituted an "adequate level of data protection" that would come under European law.

Christopher Kuner, Chairman of ICC's Task Force on Privacy and the Protection of Personal Data, who led the negotiations with the EU, said these clauses provided a number of advantages for European companies over the clauses the Commission had previously.

"Our clauses offer the same level of data protection as the Commission's clauses", said Kuner, "but use more flexible mechanisms that are more in line with business realities".

The clauses do not require the data exporter and data importer to be liable for each other's misuse of the data, as the Commission's previous clauses had done, and now contain auditing provisions that are claimed to be more flexible and realistic.

The new clauses are not only supported by UK and European business associations but also by the American Chamber of Commerce and Japan Business Council in Europe.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.