Cross border transfers are becoming more difficult and costly from a business perspective as more countries adopt privacy laws that regulate and limit cross-border transfers of personal information, including transfers to headquarters, affiliates, branch offices or subsidiaries. Typically these laws either explicitly prohibit transfers to other countries unless certain conditions are met or impose regulatory obligations on the organizations transferring the personal information. Many of these laws are enacted in response to growing public concern about the potential and actual misuse of personal information in an increasingly networked economy.

Privacy laws, however, vary dramatically from country to country. Some countries have enacted comprehensive laws while others have little or no rules in place. For those countries that do have laws in place, the standard of protection provided for in the law, its interpretation and the level of enforcement can vary significantly.

This article explores alternatives to creating a truly global solution for cross border solutions.

To read this article in full please click here (PDF format).

This article appeared in the Georgetown Journal of International Law, Volume 38 Issue 3; and is reprinted with permission.