Details
- Furthering the important debate on how to protect cross-border data transfers, this is the first book to give an in-depth assessment of the BCR regime as a potential solution
- In-depth analysis from an expert practitioner who leads the working group from which the leading Dutch multinationals developed their BCRs
- Provides practical guidance on how BCRs work, including templates for companies' employee data and customer data
- Gives insightful recommendations to EU legislators, including proposals for the revised Data Protection Directive, and for streamlining the BCR authorisation procedure
- Sets out empirical data to test the existing research findings on the legitimacy of transnational private regulation to regulate corporate conduct
- Covers all changes brought by the recent EU proposal for a new Data Protection Regulation
The digital era shows an unprecedented worldwide flow of data within multinational companies and their external service providers. Binding Corporate Rules (BCRs) are designed to allow these companies to transfer personal data across borders in compliance with EU Data Protection Law. This is the first work to give an in-depth assessment of the BCR regime.
It discusses the origins of the regime and the material requirements of BCR, as well as how they should be applied in practice and made binding on the companies and employees. It also covers how BCRs may provide for enforceable rights for the beneficiaries of the regime and how they should be brought in line with requirements of European rules on private international law.
The work also analyses a number of significant academic debates in the areas of transnational private regulation and data protection. It reflects on the debates as to the legitimacy of transnational private regulation as a method of regulating corporate conduct and also focuses on the merits and shortcomings of BCR as a method for regulating global data transfers.
This book is essential reading for those who need to understand more about the BCR regime, and require insight into how cross-border data transfers could be better protected in the future.
Readership: Academics, regulators and policy-makers working in the areas of data protection law, transnational private regulation, Better Regulation, corporate social responsibility and private international law in the UK and Europe. Private and in-house lawyers, including privacy officers.
1: Introduction
2: Binding Corporate Rules: An Overview
3: The Worldwide Data Protection Regulatory Landscape
4: Trends and Developments in the Legal Landscape
5: Trends and Developments in Multinational Corporate Practice
6: Implementation of Self-Regulation
7: BCR and Contract Law
8: BCR and EU Rules of Private International Law
9: BCR and the 'Accountability Principle'
10: BCR as a Form of Transnational Private Regulation
11: BCR and Corporate Social Responsibility
12: Conclusion
Appendix I: Overview of Recommendations to EU legislators
Appendix II: BCR for Employee Data
Appendix III: BCR for Customer Data
Lokke Moerel, Partner, De Brauw Blackstone Westbroek
Lokke Moerel is a Partner at the international law firm De Brauw Blackstone Westbroek, and chairs its global data privacy and security practice. She provides strategic advice to multinationals on their global ICT compliance. She leads the working group from which the Chief Privacy Officers of the leading Dutch multinationals developed their Binding Corporate Rules. Lokke teaches global ICT law at Tilburg University, is a member of the OECD Volunteer Expert Group, evaluating the OECD Privacy Principles, and arbitrator and mediator with WIPO and the Dutch institute for ICT disputes.
"Not only does this book offer an insightful analysis of the problems that export of personal data poses for companies, it also places high valuable markers for the decisions that must be taken by lawyers in advising their clients on international data transfer. In offering many relevant recommendations as to how transfer of personal data and more in particular the instrument of BCR should develop, the book will be a highly valuable source for legal practitioners, policy makers and researchers seeking to understand the legal requirements and possibilities of exporting personal data to other countries, within the European Union as well as worldwide." - Corien Prins
