Regulation of Transborder Data Flows Under Data Protection and Privacy Law: Past, Present, and Future
TILT Law & Technology Working Paper No. 016/2010
90 Pages Posted: 10 Oct 2010
Date Written: October 1, 2010
Transborder data flows have become increasingly important in economic, political, and social terms over the thirty years since adoption in 1980 of the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. Data protection and privacy legislation often regulates the movement of personal data across national borders. A fundamental change in the business and technological environment for data processing is also taking place, driven by developments such as the increased globalisation of the world economy; the growing economic importance of data processing; the ubiquity of data transfers over the Internet; greater direct involvement of individuals in transborder data flows; the changing role of geography; and growing risks to the privacy of individuals. Despite these fundamental changes in the data processing landscape, and the growth in the regulation of transborder data flows in numerous countries, there has been little attempt so far to conduct a systematic inventory of such regulation at a global level; to examine the policies underlying it; and to consider whether those policies need to be re-evaluated. This study is designed to describe the present status of transborder data flow regulation, and to provoke reflection about its aims, operation, and effectiveness, now and in the future. An Annex lists data protection and privacy law instruments from around the world regulating transborder data flows.
Keywords: privacy, data protection, international data transfers, transborder data flows, EU Data Protection Directive, APEC Privacy Framework, OECD Privacy Guidelines, cloud computing
Suggested Citation: Suggested Citation