EU to modernize personal data standard contractual clauses

Background on GDPR

The GDPR established a single set of rules on the processing and free movement of personal data, replacing a 1995 EU directive on data protection. The GDPR established the rules for lawfully transferring personal data from EU member states to countries outside the EU, and those rules have been influential in the development of other countries’ data protection standards. The GDPR also included a new governance system aimed at establishing a level playing field for all companies operating in the EU, regardless of the member state in which they are established.

Other highlights of GDPR evaluation report

The European Data Protection Board (EDPB) will issue specific guidance on the use of certification and codes of conduct for transferring data outside of the EU and will publish guidelines on other emerging topics. The EDPB is an independent European body that contributes to the consistent application of the EU’s data protection laws and promotes cooperation between member states’ data protection authorities.
Increased efforts would aim to improve citizens’ awareness of the GDPR and their rights.
Engagement with stakeholders would aim to support small and medium-sized firms’ use of the GDPR. The EDPB will issue toolkits aimed at supporting small and micro-enterprises.
The commission will urge member states to improve the resources allocated to national data protection authorities. The commission says there are currently “stark differences” between the authorities.
The adoption of a more efficient and harmonized approach by member states’ data protection authorities to support the GDPR’s ”one stop shop” provisions, enabling companies to deal only with one data protection authority when making cross-border data transfers.

Related resources

Information on standard contractual clauses (European Commission)
Information on European Data Protection Board (European Data Protection Board)
European Data Protection Board guidelines (European Data Protection Board)
Press release and other review resources (European Commission, 24 Jun 2020)
Regulation (EU) 2016/679 (EurLex, 27 Apr 2016)

More Law & Policy Posts

by Fiona Webster

Principal, Mercer’s Law & Policy Group

by Stephanie Rosseau

Principal, Mercer’s Law & Policy Group

Speak with a Mercer consultant

Provide your contact information to get in touch

*Required Fields

Our thinking

Global Legislative Update, June 2020

Our thinking

EU data protection, COVID-19 contact tracing and app tools

Our thinking

Guidelines on the use of location data and contact tracing tools

Hide

Already a mercer.com registered user?

Don’t have a mercer.com account?

Already a mercer.com registered user?

Don’t have a mercer.com account?

EU to modernize personal data standard contractual clauses

Background on GDPR

Other highlights of GDPR evaluation report

Related resources

Speak with a Mercer consultant

Related

Global Legislative Update, June 2020

EU data protection, COVID-19 contact tracing and app tools

Guidelines on the use of location data and contact tracing tools

Mercer Global

Lines of business