This is a really good article by Annabelle Hamelin and Michael Schwaab from the Freshfields team. In the article they, along with their co-authors, look into the key trends they are expecting to see in 2021 on the data protection side of things.
This piece also touches on the first and last trend they raise around data transfers still being in the spotlight. This is always going to be a challenge as organisations seek to manage operational overheads and deliver cost savings whilst seeking to capitalise on the benefits that technological advances and innovations can undoubtedly deliver.
Ultimately, technology drives people to centralise and mine data centrally both to reduce costs and derive value – but the transfer of datasets containing personal data (never mind what you actually do with it) is well within the scope of data protection regulation. This presents compliance challenges for many companies which has been exacerbated by last summer’s ‘Schrems II’ CJEU ruling, the fallout from Brexit and the ‘will they, won’t they’ debate as to whether the UK will receive an ‘adequacy’ decision from the European Commission to ensure the continued free-flow of personal data with the rest of the EEA.
Our Privacy & Data Compliance Services practice has significant experience in supporting multinational organisations who find themselves in the juxtaposition of trying to reduce data hosting costs whilst navigating an increasingly complex legislative and geo-political landscape and its impact on the cross-border movement of data.
This is something that we are regularly assisting clients with, specifically ensuring that they navigate those battling demands efficiently and effectively.
My colleague Robert Grosvenor has plenty to say on this if you are interested.
For a long time now, anonymisation has been at the heart of discussions and many DPAs, such as those in Ireland and Spain, have already issued related guidelines.