Seminar on Trans-border Data Flows (TBDF) and the Safe Harbour case
6 December 2004 - 6 December 2004
Belgium
The Seminar aims at presenting the results of the study on the Safe Harbour Implementation and discussing alternatives for Trans-border Data Flows (TBDF).
Many national and multinational companies export and import personal data on a regular basis, for various purposes, including management activities (human resources, customer care, direct marketing), provision of services, etc.
Directive 95/46/EC Principles for TBDF
The exchange of personal data across borders has remarkably increased in the last years. Many national and multinational companies export and import personal data on a regular basis, for various purposes, including management activities (human resources, customer care, direct marketing), provision of services, etc.,Article 25.1 of the Directive sets out the principle that Member States shall only allow a transfer of personal data to take place if the third country in question ensures an adequate level of protection.This general principle is softened in different ways by several provisions of the Directive. The notion of adequate protection has to be linked to the degree of risk a transfer presents and to the nature of the data.
The adequacy of the level of protection afforded by a third country shall be assessed in the light of all the circumstances surrounding a data transfer operation or set of data transfer operations; particular consideration shall be given to the nature of the data, the purpose and duration of the proposed processing operation or operations, the country of origin and country of final destination, the rules of law, both general and sectoral, in force in the third country in question and the professional rules and security measures which are complied with in that country[1]
The Safe Harbour scheme
The Safe Harbor scheme (SH), established under the auspices of the United States Department of Commerce (DoC) for the transfer of personal data from the European Union (EU) to the United States (US), is recognized by the European Commission as providing adequate protection under the terms of Directive 95/46/EC. The scheme creates a voluntary mechanism enabling US organizations to qualify as offering adequate protection for personal data transferred to them from the EU. More specifically, SH defines a set of privacy principles and frequently asked questions (FAQs), allowing US organizations to commit that their information practices will conform to the defined principles, and requires the availability of independent recourse mechanisms for enforcement. The commitment by organizations must be made to the DoC through a certification that publicly identifies the organizations adherence to the principles. This commitment being made, companies are bound by the SH.[2]
For further information about the seminar and the registration process please visit http://www.droit.fundp.ac.be/colloques/transborderDataflow.htm(opens in new window)
Many national and multinational companies export and import personal data on a regular basis, for various purposes, including management activities (human resources, customer care, direct marketing), provision of services, etc.
Directive 95/46/EC Principles for TBDF
The exchange of personal data across borders has remarkably increased in the last years. Many national and multinational companies export and import personal data on a regular basis, for various purposes, including management activities (human resources, customer care, direct marketing), provision of services, etc.,Article 25.1 of the Directive sets out the principle that Member States shall only allow a transfer of personal data to take place if the third country in question ensures an adequate level of protection.This general principle is softened in different ways by several provisions of the Directive. The notion of adequate protection has to be linked to the degree of risk a transfer presents and to the nature of the data.
The adequacy of the level of protection afforded by a third country shall be assessed in the light of all the circumstances surrounding a data transfer operation or set of data transfer operations; particular consideration shall be given to the nature of the data, the purpose and duration of the proposed processing operation or operations, the country of origin and country of final destination, the rules of law, both general and sectoral, in force in the third country in question and the professional rules and security measures which are complied with in that country[1]
The Safe Harbour scheme
The Safe Harbor scheme (SH), established under the auspices of the United States Department of Commerce (DoC) for the transfer of personal data from the European Union (EU) to the United States (US), is recognized by the European Commission as providing adequate protection under the terms of Directive 95/46/EC. The scheme creates a voluntary mechanism enabling US organizations to qualify as offering adequate protection for personal data transferred to them from the EU. More specifically, SH defines a set of privacy principles and frequently asked questions (FAQs), allowing US organizations to commit that their information practices will conform to the defined principles, and requires the availability of independent recourse mechanisms for enforcement. The commitment by organizations must be made to the DoC through a certification that publicly identifies the organizations adherence to the principles. This commitment being made, companies are bound by the SH.[2]
For further information about the seminar and the registration process please visit http://www.droit.fundp.ac.be/colloques/transborderDataflow.htm(opens in new window)
Keywords
Privacy-Personal Data Protection and on-line networks