EU Commission Publishes Communications on Data Transfers and the EU Data Economy
Time 2 Minute Read
Categories: European Union, International

On January 10, 2017, the European Commission published a communication addressed to the European Parliament and European Council on Exchanging and Protecting Personal Data in a Globalized World (the “Communication”). The Communication aims to facilitate commercial data flows and foster law enforcement cooperation. In the Communication, the European Commission states that it will:

  • Prioritize discussions on possible adequacy decisions with “key trading partners,” starting with (1) Japan and South Korea in 2017, (2) India, depending on the progress towards the modernization of its data protection laws, and (3) countries in Latin America (Mercosur) and the European Neighborhood.
  • Conduct periodic reviews of existing adequacy decisions at least every four years because adequacy decisions are “living” documents. This includes reviewing the implementation of the EU-U.S. Privacy Shield through its annual joint review mechanism.
  • Use multilateral fora such as the United Nations, G20 and APEC to foster international cooperation on data protection matters and to develop international enforcement mechanisms. In addition, the European Commission will promote the negotiation of framework agreements with its law enforcement partners, along the lines of the model provided by the “Umbrella Agreement.”
In another communication on Building a European Data Economy, published on the same date, the European Commission explores options (as part of its “Digital Single Market” Strategy) to remove unjustified or disproportionate EU data location restrictions, and outlines legal issues regarding data access and transfer, data portability and liability of non-personal, machine-generated digital data. In this second communication, the European Commission restates that it will seek to use EU trade agreements to set rules for e-commerce and cross-border data flows. The European Commission has launched a public consultation and dialogue with stakeholders on these topics to gather further evidence and to assess next steps.
Tags: Adequacy, APEC, Cross-Border Data Flow, EU Member States, European Commission, Japan, Personal Data, Privacy Shield, South Korea
Print Email Twitter/X Linkedin Facebook

You May Also Be Interested In

Time 3 Minute Read
Connecticut AG Clarifies AI Compliance Obligations Under CTDPA

The Connecticut Attorney General recently issued a legal memorandum regarding the application of existing Connecticut laws, such as the Connecticut Data Privacy Act, to the use of artificial intelligence.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
European Commission Seeks Feedback on Draft Cyber Resilience Act Guidelines

On March 3, 2026, the European Commission published draft guidelines intended to clarify the application of the Cyber Resilience Act and opened a public consultation to gather feedback from stakeholders.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 6 Minute Read
NetChoice Files Suit Challenging South Carolina Age-Appropriate Code Design

On February 9, 2026, trade association NetChoice filed a lawsuit challenging South Carolina’s newly passed Age-Appropriate Code Design (“SC AACD”) on First and Fourteenth Amendment grounds. The SC AACD was signed into law on February 5, 2026, making South Carolina the fifth U.S. state to enact such a law, following California, Maryland, Nebraska and Vermont.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
South Korea Amends Privacy Law to Authorize Fines of Up to 10% of Total Revenue

On February 12, 2026, South Korea’s National Assembly passed amendments to the Personal Information Protection Act authorizing administrative fines of up to 10% of a company’s total revenue in certain high-severity data breach cases.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page