PL&B International E-news, Issue 63

1. The Netherlands Announces Binding Corporate Rules Innovation

Developments to improve BCRs and outsourcing were announced at a meeting in The Hague of the Privacy Laws & Business European Privacy Officers’ Network on 13 November. Ms. Anne Smeets, policy officer at the Dutch Data Protection Authority, explained that they had just approved a system for approving BCRs for use in many EU countries. One country would act as the lead data protection authority and others would normally follow with approval, unless they have grounds for objection.

Until now, the EU BCR system has applied solely to transfers within a multinational company. The other innovation which Ms Smeets announced is that in the future the Netherlands Data Protection Authority will issue a permit for the transfer of personal data from a multinational company to its processors in non-adequate countries. This application, with its list of processors, would be submitted to the Netherlands Data Protection Authority every half year.

There will be an expanded version of this report in the December issue of Privacy Laws & Business International Newsletter.

Click here for further information about subscribing to the international newsletter.

Copyright Privacy Laws & Business 2007