News Archives

Sunday, April 5, 2015

CNIL Eases Trans-Border Notification Requirements

The French data protection authority, the CNIL, streamlined international data transfers for companies with Binding Corporate Rules (BCRs), replacing the practice of requiring notification of each type of data transfer with a new procedure under which only one authorization will be needed by the group, with affiliates then submitting a simplified registration indicating that their data transfers outside the EU fall under that authorization.  As a sign of their support for BCRs, the CNIL will be directly contacting each of the 60 or so multi-nationals with BCRs to explain the new procedure.  Separately, the CNIL issued guidelines on March 4 for companies regarding Bring Your Own Device (BYOD) policies, appropriate safeguards for protecting the privacy of employees and notification of BYOD activities.

No comments:

Post a Comment