Regulation of Transborder Data Flows under ... - Tilburg University

More documents

Recommendations

Info

Kuner/Regulation of Transborder Data Flows under Data Protection and Privacy Law 56 Name Provisions Text or translation (excerpts; notes are given in italics) Additional Protocol Recommendation No.R(87)15 of the Committee of Ministers to Member States regulating the use of personal data in the police sector automated personal data files, because of the nature of those data or those files, except where the regulations of the other Party provide an equivalent protection; b. when the transfer is made from its territory to the territory of a non-contracting State through the intermediary of the territory of another Party, in order to avoid such transfers resulting in circumvention of the legislation of the Party referred to at the beginning of this paragraph. NOTE: Countries that have enacted Convention 108 include the EU Member States, Albania, Andorra, Azerbaijan, Bosnia and Herzegovina, Georgia, Liechtenstein, the former Yugoslav Republic of Macedonia, Moldova, Norway, Serbia, and Switzerland Article 2 – Transborder flows of personal data to a recipient which is not subject to the jurisdiction of a Party to the Convention 1. Each Party shall provide for the transfer of personal data to a recipient that is subject to the jurisdiction of a State or organisation that is not Party to the Convention only if that State or organisation ensures an adequate level of protection for the intended data transfer. 2. By way of derogation from paragraph 1 of Article 2 of this Protocol, each Party may allow for the transfer of personal data: a. if domestic law provides for it because of: – specific interests of the data subject, or – legitimate prevailing interests, especially important public interests, or b. if safeguards, which can in particular result from contractual clauses, are provided by the controller responsible for the transfer and are found adequate by the competent authorities according to domestic law. NOTE: Countries that have enacted the Additional Protocol include most (but not all) EU Member States, Albania, Andorra, Bosnia and Herzegovina, Croatia, Liechtenstein, the former Yugoslav Republic of Macedonia, Monaco, Montenegro, Serbia, and Switzerland 5.4. International communication Communication of data to foreign authorities should be restricted to police bodies. It should only be permissible: a. if there exists a clear legal provision under national or international law, b. in the absence of such a provision, if the communication is necessary for the prevention of a serious and imminent danger or is necessary for the suppression of a serious criminal offence under ordinary law, and provided that domestic regulations for the protection of the person are not prejudiced.
Kuner/Regulation of Transborder Data Flows under Data Protection and Privacy Law 57 European Union Directive (EC) 95/46 of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data [1995], OJ L281/31 (binding on the 27 EU and the three EEA Member States, see below under section B.) Article 25 1. The Member States shall provide that the transfer to a third country of personal data which are undergoing processing or are intended for processing after transfer may take place only if, without prejudice to compliance with the national provisions adopted pursuant to the other provisions of this Directive, the third country in question ensures an adequate level of protection. 2. The adequacy of the level of protection afforded by a third country shall be assessed in the light of all the circumstances surrounding a data transfer operation or set of data transfer operations; particular consideration shall be given to the nature of the data, the purpose and duration of the proposed processing operation or operations, the country of origin and country of final destination, the rules of law, both general and sectoral, in force in the third country in question and the professional rules and security measures which are complied with in that country. 3. The Member States and the Commission shall inform each other of cases where they consider that a third country does not ensure an adequate level of protection within the meaning of paragraph 2. 4. Where the Commission finds, under the procedure provided for in Article 31 (2), that a third country does not ensure an adequate level of protection within the meaning of paragraph 2 of this Article, Member States shall take the measures necessary to prevent any transfer of data of the same type to the third country in question. 5. At the appropriate time, the Commission shall enter into negotiations with a view to remedying the situation resulting from the finding made pursuant to paragraph 4. 6. The Commission may find, in accordance with the procedure referred to in Article 31 (2), that a third country ensures an adequate level of protection within the meaning of paragraph 2 of this Article, by reason of its domestic law or of the international commitments it has entered into, particularly upon conclusion of the negotiations referred to in paragraph 5, for the protection of the private lives and basic freedoms and rights of individuals. Member States shall take the measures necessary to comply with the Commission's decision. Article 26 1. By way of derogation from Article 25 and save where otherwise provided by domestic law governing particular cases, Member States shall provide that a transfer or a set of transfers of personal data to a third country which does not ensure an adequate level of protection within the meaning of Article 25 (2) may take place on condition that: (a) the data subject has given his consent unambiguously to the proposed transfer; or (b) the transfer is necessary for the performance of a contract between the data subject and the controller or the implementation of precontractual measures taken in response to the data subject's request; or (c) the transfer is necessary for the conclusion or performance
Page 1 and 2:
TILT (TILBURG INSTITUTE FOR LAW, TE
Page 3 and 4:
Kuner/Regulation of Transborder Dat
Page 5 and 6: Kuner/Regulation of Transborder Dat
Page 55: Kuner/Regulation of Transborder Dat
show all

Regulation of Transborder Data Flows under ... - Tilburg University

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?