techUK and the Global Business Community call on EU to Safeguard International Data Flows
techUK has joined a wide-ranging coalition of industry groups in a call to the European Data Protection Board (EDPB) and the European Commission to ensure much-needed legal certainty around data flows in and outside of the bloc.
Members of techUK have expressed concern that the EDPB draft Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data will have a substantial, negative impact on personal data transfers from and to the EU.
As a recent BusinessEurope-led coalition statement underlines, an unduly restrictive approach to data flows would have a significant effect on European industries and risks damaging the competitiveness and innovative capability of the EU’s digital economy. In their current form, the draft Recommendations would mean that a very large number of existing business functions carried out by EEA and non-EEA based companies would either no longer be permitted or extremely risky to carry out. This approach, coupled with the unrealistic regulatory burden placed on smaller firms, risks cementing current market imbalances and resulting in less overall consumer choice.
The draft Recommendations threaten the perception of the EU as an open digital economy by introducing de facto data localisation through strict regulatory recommendations which may result in retatiation from other jurisdictions which are key to European business operations.
In addition to urging decision-makers to address the concerns raised around the EDPB’s draft Recommendations for supplementary measures, the signatories of the joint statement highlight uncertainties caused by the 16 July ruling of the Court of Justice of the European Union in the so-called Schrems II case (C-311/18) invalidating the EU-U.S. Privacy Shield agreement as a mechanism to transfer data between the EU and the U.S. The groups recommend that equipping companies with a practical “toolbox” of measures would aid compliance and align with the GDPR’s risk-based approach while allowing for practical ways to allow data transfers in a way that is compliant with EU law.
“International data flows are an integral pillar of global trade, and any disruption to their free flow constitutes a major challenge to every economic sector,” the groups wrote in a letter sent Monday 21st December. “The recent developments following the Schrems II judgment in the European Union are creating deep uncertainty throughout the world, as the wide geographic variety of co-signatories to this statement demonstrates.”
Signatories to the letter include the Information Technology Industry Council (ITI); Abelia – The business Association of Norwegian knowledge- and technology based enterprises; ACT | The App Association; Alliance for Automotive Innovation; Allied for Startups; American Chamber of Commerce to the European Union (AmCham EU); American Chamber of Commerce Ireland (AmCham Ireland); Australia Services Roundtable (ASR); Biotechnology Innovation Organization (BIO); Coalition of Service Industries (CSI); Computer and Communications Industry Association (CCIA); Confederation of Industry of the Czech Republic; Danish Entrepreneurs; Developers Alliance; Ecommerce Europe; European Research Federation (efamro); European Services Forum (ESF); Electronic Transactions Association (ETA); EU Travel Tech; European Publishers Council (EPC); Federation of European Direct and Interactive Marketing (FEDMA); IAB Europe; Internet Association (IA); IT&Telekomföretagen; Software & Information Industry Association (SIIA); TechNet; TechUK; United States Council for International Business (USCIB); US Chamber of Commerce; World Federation of Advertisers.
The full letter is available here.