17 July, 2023

ETNO statement on International Data Transfers

In the last years, new regulatory frameworks that guarantee user privacy in the digital environment have been adopted worldwide, from Africa, to South America and Asia.

The year 2018 marked a turning point in Data Protection with key developments:

• Application of the General Data Protection Regulation (GDPR). The “GDPR-model” has been exported to other jurisdictions around the world.
• California adopted its Consumer Privacy Act (CCPA), which was the first comprehensive State’s privacy regulation in the US. It has been followed by similar comprehensive data privacy laws in other nine States[1], while several comprehensive consumer privacy bills are currently being examined in nine more States.
• Brazilian Data Protection Law was passed in August 2018 and entered into effect in 2020.

This trend continues with in Africa, with Kenia having adopted a comprehensive Data Protection Law in 2019 and up to thirty-six (out of fifty-four) African countries having passed Data Protection Laws or Regulations, and in South America, with new Laws in Ecuador, Colombia and important legislatives developments in Chili and Argentina to update their current Laws.

These regulatory developments in different continents have improved the levels of awareness, digital trust and confidence amongst citizens.

[1] Colorado, Connecticut, Indiana, Iowa, Montana, Tennessee, Texas, Utah, Virginia.

We elaborate on our recommendations in the paper. For questions and clarifications regarding this position paper, please contact Paolo Grassia (grassia@etno.eu), Director of Public Policy at ETNO.