EGDF response on the EDPB Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data

In general

  • The free flow of data between the EU and third countries is crucial for European game developer studios.  
  • The EDPB should focus on security measures instead of regional data access limitations.
  • The EDPB Recommendation document should take a more risk-based approach
  • European SMEs rarely have sufficient resources to case-by-case map and analyse laws and practices undermining their users’ privacy globally.
  • In order to bring legal certainty on international data transfers, EDPB must also publish country-specific recommendations. 
  • The Recommendations should provide solutions that would qualify as supplementary measures for the use of central systems and services in global organisations.
  • The Recommendations should define a grace period, aligned with the one offered for Standard Contractual Clauses.

The full position paper can be downloaded from here:

The broader EGDF approach on privacy and data protection can be accessed here: