Companies transferring personal data, such as lists of employees or customers, outside the European Union must comply with stringent European legal restrictions. To help businesses demonstrate their compliance, the International Chamber of Commerce (ICC) has taken the initiative to standardize the process across all 25 EU countries.

Until now, companies have had to submit different application forms to each EU member state when asking data protection authorities to approve their Binding Corporate Rules (BCRs) - corporate codes which set measures to ensure data protection in transfers from one country within the EU to a country outside it.

Data protection authorities (DPAs) will also benefit from a more coherent, time-saving application process, while individuals will benefit from greater transparency in the drafting of BCR's determining how their personal data is safeguarded.

The standardized form has been submitted to the working group of European data protection authorities for discussion. DPAs have already responded favourably.

Divided into eight sections, the ICC form guides companies through the application process, ensuring all the necessary information is included, and explains what conditions exist and what obligations need to be met. ICC has already taken a leading role in assisting companies to use BCRs, and published a comprehensive report on binding corporate rules for international transfers of personal data in November 2004 (link below).

Related links: (Open in a new window.)
www.iccwbo.org/uploadedFiles/ICC/policy/e-business/pages/Standard_Application_for_Approval_of_BCRs.pdf
www.iccwbo.org/id5108/index.html

View printable version (opens in new window)
Back