France’s Data Protection Authority, the CNIL, has announced it “will grant a single decision (autorisation unique) to each group that adopted BCR (or francophone BCR),” noting, “group entities subject to compliance with the French Data Protection Act will no longer have to apply for each transfer outside of the European Union to be granted an authorisation.” Groups will instead file a “compliance commitment” through the CNIL’s website, and once compliance commitments are complete, “controllers will have to keep an up-to-date list of each transfer, which shall be communicated to CNIL upon request,” the report states.
Full Story
Comments
If you want to comment on this post, you need to login.