Paper: Managing compliance in the global space – transborder data flow – November 2004
In brief: Partner Katherine Sainty and Law Graduate Andrew Ailwood discuss the increasing regulation of the transfer of data containing personal or sensitive information from an entity in one country to an entity in another jurisdiction.
Presented in Sydney on 30 November 2004 at the Workplace and Information Privacy Conference.
Modern business is increasingly borderless. The communications revolution and the reduction in international trade barriers has allowed business to globalise and for regions to specialise. The call centre answers the phone in India, the product is designed in Europe, made in China and it is all managed from the US. But these business units must share their information; information about employees, customers and suppliers.
Transborder data flow is the transfer of data containing personal or sensitive information from an entity in one country to an entity in another jurisdiction and is an area of increasing regulation around the world. Strict European regulation is driving change and setting the international standard for personal privacy protection.
- What are the transborder restrictions on data flows?
1.1 EU Initiatives
1.2 An example: UK implementation of the EU Directive
1.3 Trans-border data protection in the new EU
1.4 Australian transborder restrictions
1.5 The EU view of Australian transborder protections
- Avoiding your data protection obligations – data havens
2.1 Data havens – what are they?
2.2 Data havens – how might they work?
3.1 Obligations on Australian companies
3.2 Consent at the time of collection
3.3 Standard contractual clauses
3.4 Binding corporate rules
3.5 Highest minimum standard
For more, download the paper (as an adobe acrobat pdf - 94KB).