EU adopts ICC tool to streamline data transfers

  • 21 March 2007

ICC’s initiative to help businesses demonstrate their compliance and standardize the process for transferring data internationally from any EU country is now the foundation of the form adopted by all European data protection authorities.

Until ICC introduced its standard application last September, companies had to submit different application forms to each EU member state when asking data protection authorities to approve their Binding Corporate Rules (BCRs) – corporate codes which contain measures to ensure data protection in transfers from one country within the EU to a country outside it.

“The ICC standardized form was submitted to the working group of European data protection authorities for discussion and they have recently adopted their own version, which contains certain changes, but is principally based on the ICC version,” said Christopher Kuner, newly appointed Vice-Chair of ICC’s Commission on E-Business, IT and Telecoms (EBITT) and Chair of the ICC Task Force on Privacy and Protection of Personal Data, which developed the form.

In a letter, the chair of the group of European data protection authorities (Article 29 Working Party), German Federal Data Protection Commissioner Peter Schaar, thanked the members of the ICC Task Force “for your valuable input facilitating the work of the Article 29 WP in this field”.

Announced at the 19-21 March meetings in Paris of the EBITT Commission and ICC’s initiative, Business Action to Support the Information Society (BASIS), this achievement was one of many recent strides ICC has made addressing diverse and timely Internet, IT and Telecoms issues affecting businesses around the world.

The Chair of BASIS & EBITT and Chairman and CEO of TAGI, Talal Abu-Ghazaleh, praised the efforts of the task force in providing this practical and necessary tool for businesses around the world with interests in Europe.

In Asia, ICC has also been actively engaged in these issues. After securing guest status in 2004 in the Asia Pacific Economic Cooperation (APEC) Electronic Commerce Steering Committee, ICC has been mobilizing business representatives and ICC national committees across the APEC region to assist in the implementation of the APEC Privacy Framework, adopted in November 2004.

The framework was developed for APEC member economies’ needs and aims to protect personal information and cross-border data transfers. ICC, in cooperation with the APEC Business Advisory Council, has been promoting this framework throughout its development and implementation, including the upcoming rollout of a pilot project.

“Information and communications technologies and the Internet are of great importance to businesses in all sectors and increasingly in all areas of the world,” Mr Abu-Ghazaleh said. “We cannot take the current infrastructures for granted – the appropriate legal, regulatory and policy frameworks have to be in place to ensure current activities do not translate into cost burdens and losses for businesses, governments and users.”