Binding Corporate Rules

A press release from the Information Commissioner today is a good reminder that there is another way of dealing with data transfers into and out of the European Economic Area but within multi-national organisations – using binding corporate rules (BCRs).

We note that the UK Information Commissioner’s Office (ICO) is getting a good track record of being the coordinating data protection authority of choice for organisations wishes to get their corporate rules authorised.  However, BCRs are still not exactly popular.  The ICO as so far only approved 4 BCRs:

15 December 2005: General Electric Company (employee data)
2 April 2007: Koninklijke Philips Electronics NV (employee data)
22 April 2009: Atmel Corporation (employee data)
30 April 2009: Accenture Limited (employee and client)

Maybe multi-national prefer dealing with a whole stack of export of data agreements?!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s