Extraterritoriality and regulation of international data transfers in EU data protection law

Research output: Contribution to journalJournal articleResearchpeer-review

45 Citations (Scopus)

Abstract

Use of the term ‘extraterritorial’ to describe the regulation of international transfers of personal data in European Union (EU) data protection law has led to confusion about the scope of such regulation. The distinction in data protection law between extraterritoriality ‘in scope’ and ‘in effect’ has become meaningless.
Extraterritoriality in EU regulation of international data transfers is intrinsically neither good nor bad; rather, its appropriateness depends on how it is used and implemented. Regulation of international data transfers in EU data protection law tends to apply in a ‘black or white’ fashion, without the safety valves necessary to prevent jurisdictional overreaching. This leads to increasing conflicts between EU law and the law of third countries. There is a need to determine the territorial boundaries of the application of EU data protection law and to take factors such as enforceability into account when doing so.
Original languageEnglish
JournalInternational Data Privacy Law
Volume5
Issue number4
Pages (from-to)235-245
Number of pages10
ISSN2044-3994
Publication statusPublished - 2015

Keywords

  • Faculty of Law
  • data protection
  • privacy
  • jurisdiction
  • extraterritoriality

Cite this