2.4 The Global Dimension of Data Protection
2.4.1. CLARIFYING AND SIMPLIFYING RULES FOR INTERNATIONAL DATA TRANSFERS
We agree with the analysis that the adequacy assessments are have not been satisfactory, and that the procedures need to be clarified and streamlined. The issue of export of EU consumer and citizen personal information to third countries is increasingly acute given the almost total globalisation of data flows, including expansion of cloud computing services and the extensive use of call centres outside the EU. At the same time experience with existing international agreements has not been so good. We suggest that the EU-US Safe Harbor Framework be included in this review, as several studies have documented massive compliance failures and lackluster enforcement.
So we support the review of these provisions, and would urge that any future international agreements between the EU and third countries should reflect the high level of protection of privacy in the EU.
We also recommend that greater resources be expended on capacity building on privacy and data protection in third countries. Already vast resources are applied to helping other countries with policing powers, amongst other regimes of law, and we believe similar work is required to help third countries develop an understanding of privacy and data protection laws and regulations. Particular attention is required for developing countries where the need for accountability and transparency in processing by both the public and private sectors is vital to the protection of democratic values.
2.4.2 PROMOTING UNIVERSAL PRINCIPLES
We strongly support the continuation of a strong leadership role for the EU in promoting effective international data protection standards. We also believe in the need to develop universal principles and global standards, and as such are active civil society players in the work of the OECD and APEC, and have contributed to the development of the civil society Madrid Declaration as part of the International Privacy Commissioners 2010 Conference effort to promote global privacy standards. We particularly ask the Commission to support and actively contribute to the current revision of the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal data, as an opportunity to ensure greater convergence with the EU framework and enhanced protection for individuals.