Transboundary Challenges of Privacy Protection (EINS Summer School 2012)

While in the era of cloud computing the protection of Internet users’ privacy is a growing need, there are no effective international legal solutions in place. The existing Safe Harbor Principles, meant as a guarantee of respecting stringent EU data protection standards by US companies are subject to strong and well deserved criticism. In this presentation, Dr Kulesza addresses the need for change in the existing trans-Atlantic personal data exchange agreements, with reference to the latest EU proposed development in the area, a regulatory model based on amended Binding Corporate Rules (BCRs), as introduced by EU Justice Commissioner Reding in late 2011. She describes how the upcoming reform of EU data protection regulations includes a proposed modification in EU approach to corporate personal data protection policies and introduction of far going simplifications for companies acting on the EU market. The results of the planned changes in EU legislation would cause effects world-wide, as they apply to online activities of international companies in the transboundary cyberspace.

She further describes the BCRs proposal and deliberated upon the likelihood of its application as well as scenarios alternative to the EU-proposed model, including a vision of loosely intertwined, firewall guarded national areas in cyberspace where privacy would be secured according to varying national standards – a ‘splinternet’ operating on elaborate software and stringent legislation. She offers an international law solution to this challenge and emphasized the significance of the EU BCRs proposal.