Rina Steenkamp - Privacy and technology

My annotated General Data Protection Regulation

Chapter V Transfer of personal data to third countries or international organisations

Article 45 International co-operation for the protection of personal data

October 2013

Article 45(1)

1. In relation to third countries and international organisations, the Commission and supervisory authorities shall take appropriate steps to:

Article 45(2)

2. For the purposes of paragraph 1, the Commission shall take appropriate steps to advance the relationship with third countries or international organisations, and in particular their supervisory authorities, where the Commission has decided that they ensure an adequate level of protection within the meaning of Article 41(3).

[Source: October 2013]

Recital 91

(91) When personal data moves across borders it may put at increased risk the ability of individuals to exercise data protection rights in particular to protect themselves from the unlawful use or disclosure of that information. At the same time, supervisory authorities may find that they are unable to pursue complaints or conduct investigations relating to the activities outside their borders. Their efforts to work together in the cross-border context may also be hampered by insufficient preventative or remedial powers, inconsistent legal regimes, and practical obstacles like resource constraints. Therefore, there is a need to promote closer co-operation among data protection supervisory authorities to help them exchange information and carry out investigations with their international counterparts.

[Source: October 2013 | Notes: Recitals | Context: Recitals]

January 2012

Explanatory memorandum

3.4. Detailed explanation of the proposal

Article 45 explicitly provides for international co-operation mechanisms for the protection of personal data between the Commission and the supervisory authorities of third countries, in particular those considered offering an adequate level of protection, taking into account the Recommendation by the Organisation for Economic Co-operation and Development (OECD) on cross-border co-operation in the enforcement of laws protecting privacy of 12 June 2007.

[Source: January 2012 | Context: Proposal from the European Commission]

Article 45(1) [Amended: October 2013]

1. In relation to third countries and international organisations, the Commission and supervisory authorities shall take appropriate steps to:

Article 45(2)

2. For the purposes of paragraph 1, the Commission shall take appropriate steps to advance the relationship with third countries or international organisations, and in particular their supervisory authorities, where the Commission has decided that they ensure an adequate level of protection within the meaning of Article 41(3).

[Source: January 2012 | Context: Proposal from the European Commission]

Recital 91

(91) When personal data moves across borders it may put at increased risk the ability of individuals to exercise data protection rights in particular to protect themselves from the unlawful use or disclosure of that information. At the same time, supervisory authorities may find that they are unable to pursue complaints or conduct investigations relating to the activities outside their borders. Their efforts to work together in the cross-border context may also be hampered by insufficient preventative or remedial powers, inconsistent legal regimes, and practical obstacles like resource constraints. Therefore, there is a need to promote closer co-operation among data protection supervisory authorities to help them exchange information and carry out investigations with their international counterparts.

[Source: January 2012 | Notes: Recitals | Context: Proposal from the European Commission, Recitals]