Data protection: Art. 29 Working Party guidelines on BCRs EBF comments
EBF advisor: Helene Benoist
Article 29 Data Protection Working Party: EBF’s comments on the WP29 updated adequacy referential and working document on BCRs (wp254 & wp256) k
Publication date: 17 January 2018
The European Banking Federation (EBF) welcomes the Article 29 Data Protection Authority (hereafter ‘WP29’) paper on Binding Corporate Rules (BCRs) and the updated adequacy referential which provide further clarity on how international data transfers will be managed under the General Data Protection Regulation (GDPR).
Cross-border data transfers are today an important part of the modern global economy as data has become its lifeblood. Digital trade and cross-border data flows are expected to continue to grow faster than the overall rate of global trade.
Financial institutions often need to process personal data within the group of which they are members in order to achieve objectives, such as offering a broader variety of products to the clients, or, efficiently tackling fraud. In that respect, clarity and legal certainty are necessary.
Nevertheless, there will be greater difficulties going forward for three reasons:
The new provisions in the GDPR will make third country transfers more difficult. Under the GDPR, the possibility to make an internal adequacy decision within the firm is no longer possible.
However, the slowness of the BCRs adoption process is today an important obstacle. We note that BCRs currently require 18 months or more to be approved and demand will likely increase under the GDPR.
There is uncertainty over firms’ ability to rely even on the safeguards provided for under the GDPR. The EU-U.S. Privacy Shield and SCCs, for example, have an uncertain future, given the striking down of the Safe Harbour adequacy decision in 2015 and a more recent court challenge against SCCs and referral to the Court of Justice of the European Union (“Schrems II”).
We believe further assessment should be conducted on the barriers that prevent banks from processing or storing data inside and outside the EU (linked to data protection, confidentiality, bank secrecy requirements, etc.). Ultimately, there should also be a clear legal basis to share information among jurisdictions at group company level.
We carried out a regulatory mapping exercise of crypto-assets that led to the conclusion that EU legislation would be needed in this area. We welcome the initial work done by central banks on assessing the merits of central bank digital currencies. #WEF20
The @EU_Commission intends to propose 🇪🇺 legislation later this year on a common approach to crypto-assets, including stablecoins. We need to act quickly. Already launched a public consultation on how these rules should look, everybody can contribute. It is open until 19 March‼️
It was a pleasure to share the stage with @blackrock CEO Larry Fink today! We had a great discussion about the role of the financial sector in tackling #inequality and #climate related risks. Watch it here: https://t.co/mHW5yMkLvx
The EBF is the voice of the European banking sector, bringing together national banking associations from 45 countries. The EBF is committed to a thriving European economy that is underpinned by a stable, secure and inclusive financial ecosystem, and to a flourishing society where financing is available to fund the dreams of citizens, businesses and innovators everywhere.
56 Avenue des Arts
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.