Extraterritoriality and regulation of international data transfers in EU data protection law

Research output: Contribution to journalArticlepeer-review

29 Citations (Scopus)

Abstract

Use of the term “extraterritorial” to describe the regulation of international transfers of personal data in EU data protection law has led to confusion about the scope of such regulation. Any distinction between extraterritoriality “in scope” and “in effect” has become meaningless. Extraterritoriality in EU regulation of international data transfers is intrinsically neither good nor bad; rather, its appropriateness depends on how it is used and implemented. Regulation of international data transfers in EU data protection law tends to apply in a “black or white” fashion, without the safety valves necessary to prevent jurisdictional overreaching. This leads to increasing conflicts between EU law and the law of third countries. Attention should turn from deciding whether a particular exercise of jurisdiction is extraterritorial, to determining the conditions under which it can be appropriate. The controversy surrounding extraterritoriality illustrates the need to set boundaries to the application of EU data protection law.
Original languageEnglish
Pages (from-to)235-245
Number of pages10
JournalInternational Data Privacy Law
Volume5
Issue number4
Publication statusPublished - 2015

Keywords

  • Data protection
  • privacy
  • jurisdiction
  • extraterritoriality

Fingerprint

Dive into the research topics of 'Extraterritoriality and regulation of international data transfers in EU data protection law'. Together they form a unique fingerprint.

Cite this