Roundup of Cross-Border Data Transfer Developments

By Dan Cooper & Nicholas Shepherd on November 10, 2025

Posted in Cross-Border Transfers, Data Privacy, Data Transfers, EU Adequacy Decision, EU Data Protection, EU-U.S. Data Privacy Framework, European Union, GDPR, International, Privacy and Data Security, United Kingdom, United States

Over the past few months, there have been several notable developments in the cross-border data frameworks of the U.S., EU, UK, Brazil, and several Asia Pacific (“APAC”) countries. These developments reflect evolving regulatory approaches to international data flows, trade agreements, and national security priorities—each with certain nuances and particularities that multinational companies need to understand and be prepared to navigate.

This blog post provides a brief summary of these developments and key takeaways for companies transferring personal data to or from these jurisdictions. Continue Reading Roundup of Cross-Border Data Transfer Developments

European Commission Retains Adequacy Decisions for Data Transfers to Eleven Countries

By Dan Cooper & Laura Somaini on January 17, 2024

Posted in Cross-Border Transfers, Data Privacy, EU Adequacy Decision, EU Data Protection, GDPR

On January 15, 2024, the European Commission released its report on the first review of the functioning of the existing eleven adequacy decisions adopted under the pre-GDPR framework.

The Commission concluded that personal data transferred from the European Economic Area to any of Andorra, Argentina, Canada (for PIPEDA-regulated entities), the Faroe Islands, Guernsey, Isle of Man, Israel, Jersey, New Zealand, Switzerland and Uruguay continue to receive an adequate level of protection.Continue Reading European Commission Retains Adequacy Decisions for Data Transfers to Eleven Countries

Inside Privacy

EU Adequacy Decision

About this Blog