Inside US Trade, April 2, 2020

By Isabelle Isco

The European Commission plans to assess the effectiveness of its General Data Protection Regulation, which came into force in May 2018, by asking for input to inform a report set to be released next month.

The GDPR is designed to ease intra-EU data flows and third-party compliance with the bloc’s rules. The framework contains principles required for the European Commission to determine that an adequate level of data protection exists for companies based in third countries; it also harmonizes personal data protection regulations across all 28 EU member states.

The US has called the bloc’s approach to data protection overly restrictive and innovation-stifling. The two sides are addressing this divergence in approaches to privacy and cross-border data flows in the World Trade Organization’s plurilateral talks on e-commerce, which began last year.

“The Commission will report on the application of the General Data Protection Regulation, two years after its entry into application,” the Commission said in an April 1 press release. “It will include the issue of international transfer of personal data to third countries and the cooperation and consistency mechanism between national data protection authorities.”

Comments are due by April 29, the release states.

Isabelle Roccia, senior policy manager for Europe, the Middle East and Africa at BSA | The Software Alliance, said the EU must assess whether the GDPR has worked as intended.

“The GDPR is one of the most advanced and widely accepted versions of privacy law globally,” she said in a statement to Inside US Trade this week. “As the Commission conducts its GDPR review, it will be important to assess if GDPR worked as intended to successfully harmonize data protection laws throughout the EU and beyond for two reasons: First, so that consumers know and trust what privacy controls they have, regardless of where they are in the EU; and second, so that businesses know what their obligations are, which improves the EU single market.”

Additionally, as the GDPR review progresses, it will be imperative to “strengthen data flows mechanisms that are currently under threat in European Courts,” Roccia continued. “It is critical to ensure the continuity of GDPR transfer tools so that businesses can continue to protect personal data, innovate, and responsibly service customers globally.”

BSA | The Software Alliance, which bills itself as the leading advocate for the global software industry, is calling on countries around the world to use all “mechanisms and fora at their disposal to reach convergence on privacy,” she added, pointing to the G7, G20 and the Asia-Pacific Economic Cooperation forum.

“[W]hether that’s through the G7, the G20, APEC, bespoke agreements such as the EU-US Privacy Shield, or through free trade agreements. Privacy laws don’t have to be identical, but they do need to be interoperable. This makes it easier for privacy systems to work together, which is essential in today’s global economy,” Roccia concluded.

Read More >>

Original Posting: https://insidetrade.com/share/168529