Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: Binding Corporate Rules

Posted on By HL Chronicle of Data Protection Posted in International/EU Privacy

Article 29 Working Party Issues Additional Guidance on BCRs for Data Processors

On April 19, the European Union’s Article 29 Working Party adopted Explanatory Document WP204 on processor Binding Corporate Rules (BCRs). Processor BCRs provide a new avenue for data controllers to transfer EU personal data to processors (such as cloud service providers) located in third countries not considered to ensure an adequate level of protection under the 1995 EU Data Protection Directive. The Article 29 Working Party, noting the success of controller BCRs and citing the “growing interest of industry in such a tool,” provided initial guidance on processor BCRs in June 2012 through Working Document WP195 (which we previously covered here). WP195 presented a “toolbox” that laid out the criteria for approval of processor BCRs, as well as explanatory notes on the content expected in the processor BCRs. As of January 1, 2013, the EU began accepting applications for approval of processor BCRs.

Posted on By Bret Cohen Posted in International/EU Privacy

Details of EU Data Protection Reform Reveal Dramatic Proposed Changes

Although the European Commission was expected to release its overhaul of the 1995 Data Protection Directive (95/46/EC) next month, some of the details of those changes emerged earlier than expected this week. In this post, we summarize the many key changes between the Data Protection Directive and the Commission’s draft Data Protection Regulation.