Developing an Adequate Legal Framework for International Data Transfers
REINVENTING DATA PROTECTION? S. Gutwirth, eds., pp. 263-273, Springer Science+Business Media B.V., 2009
11 Pages Posted: 31 Aug 2009
Date Written: July 1, 2009
Abstract
With the EU Data Protection Directive having been in force now for nearly ten years, it is wise to examine the basic concepts and assumptions on which the Directive is based, to determine whether it is functioning properly. It is the thesis of this paper that the present EU legal framework for “adequacy” decisions for the international transfer of personal data is inadequate, in both a procedural and substantive sense, and needs reform. The framework was created for a world in which the Internet was not widely used, and in which data did not flow as easily across national borders as they do now. The present system of adequacy decisions has been grievously overloaded by the great increase in data flows in the past few years, and also drains resources that could better be used in other areas of data protection. European policymakers should take a hard look at the current adequacy system and its present failings, and reform the system in a way that more effectively protects the interests of data controllers, individuals, and data protection supervisory authorities.
Keywords: European Union, data protection, privacy, adequacy, international data transfers, global data flows, APEC, accountability
Suggested Citation: Suggested Citation