This episode explores the complexities of international data transfers under GDPR, detailing the criteria established by the European Data Protection Board. It outlines the three criteria to determine when data crossing EU borders qualifies as a transfer under Chapter V of GDPR, along with discussions on adequacy decisions, the EU-US Data Privacy Framework, and practical applications of standard contractual clauses (SCCs). Binding corporate rules (BCRs) and limited exceptions, or derogations, are also explained as methods for legitimate data transfers without adequacy.
00:00 Introduction to International Data Transfers
00:34 Understanding GDPR's Transfer Criteria
01:36 Real-World Examples of Data Transfers
02:08 When Transfers Don't Count
03:23 Green Lights for Data Transfers: Adequacy Decisions
04:00 The EU-US Data Privacy Framework
05:34 Safeguards for Data Transfers
05:49 Standard Contractual Clauses (SCCs) and Binding Corporate Rules (BCRs)
07:20 Exceptions and Derogations
11:47 The Importance of Documentation
13:00 Risk Awareness and Conclusion
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
24/7 News: The Latest
The latest news in 4 minutes updated every hour, every day.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com