BRUSSELS – December 21, 2020 – In comments submitted today to the European Data Protection Board (EDPB), BSA | The Software Alliance welcomed efforts to restore legal certainty as quickly as possible to businesses – in Europe and around the world – that rely on data transfers to operate, innovate, and compete.

International data flows are an integral pillar of global trade, and barriers to their free flow constitute a major challenge to every sector of the economy. BSA commends the EDPB for publishing its recommendations to help companies conduct case-by-case assessments of their data transfers, as required by the CJEU's Schrems II decision.

“The enterprise software industry has long recognized the essential importance of privacy to data transfers. The ability to maintain privacy and security is core to BSA members’ business strategies,” said Thomas Boué, Director General, Policy – EMEA at BSA. “This is not just a tech industry issue; it is an issue for companies of all sizes and in all industries, especially as more and more businesses undergo digital transformations.”

BSA’s comments to the EDPB offer recommendations on how, in practice, companies can and should assess a broad range of circumstances surrounding a data transfer. BSA also encourages the EDPB to consider a broad range of technical, contractual, and organizational safeguards that may be appropriate and proportional, depending on the type of transfer.

“There is an urgent need for increased certainty around rules for maintaining protected international data flows,” Boué said. “We remain optimistic that the EDPB’s recommendations can be adjusted to better reflect the CJEU’s judgment, which envisions greater flexibility and use of additional safeguards to protect privacy,” Boué said.

Read BSA’s full submission here.