Article 26.2. of the Data Protection Directive empowers EC Member States to authorize transfers to non-adequate countries where the data controller ‘adduces adequate safeguards with respect to the protection of the privacy and fundamental rights and freedoms of individuals’. One of the mechanisms identified by Article 26.2. for securing adequate safeguards is the use of contractual clauses.

Related to this, Article 26.4. gives the European Commission the power to decide that ‘certain standard contractual clauses offer sufficient safeguards’ and if the European Commission makes a decision to that effect, the same article then goes on to provide that ‘Member States shall take the necessary measures to comply ...

Get Data Protection and Compliance in Context now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.