In recent years, data protection laws have proliferated across the globe. While many of these laws take inspiration from the GDPR, each brings with it nuanced approaches to data protection and information transfer restrictions along with unique cultural norms and legal systems. China and Brazil have new data protection and transfer rules, India is soon to join them and the UK is considering modernizing its framework. Developing data transfer compliance programs has become organizations’ top privacy challenge, kept outside counsel busy, and led policymakers to debate even the definition of data transfers themselves. Companies must adopt myriad country-specific transfer contracts to govern the crisscrossing data that fuels the global economy and informs our society. As data transfers transition from a transatlantic to a global challenge, is a more global approach possible?
• What will new global players in the field of data protection law mean for international transfers?
• How will the EU scale or shift its adequacy model?
• Will the US build on its APEC CBPR strategy as a potential multilateral alternative?
• Will the UK develop a meaningful new approach and what might that entail?