Data Shipping: Are you shipping PII across borders?

<- Back to all Blogs
5 min Read   | 
Published: Thu Feb 3 2022

In today’s world, moving and sharing data containing personally identifiable information (PII) is commonplace. However, due to recent rulings – for example, in July 2020 the Court of Justice of the European Union invalidated the EU-US Privacy Shield, historically a mechanism allowing the transfer of personal data from the EU to the United States – this has now created a new headache for global organisations.

Data Shipping: Are you shipping PII across borders?

The Problem

Regulations are starting to indicate that PII should reside where it is captured. This means no onward transfer of PII, especially across certain geographic borders. GDPR was designed to protect the data of European citizens wherever they are in the world and today when a company ships a European citizen’s data, it must be done with GDPR in mind.

One of the challenges now facing organisations is how they can share the intelligence of PII without sharing the PII itself. This type of challenge requires new ways of collecting and using data, not one that is simply based on copy and transfer as we do today, but one that deals with data minimisation and data intelligence in the same breath.

There is currently a lot of news surrounding NFT (Non-Fungible Tokens) and Smart Contracts – could this be a way to solve the challenges organisations now face?

Our Solution

For many years our customers have been using TruCert™ technology, which has been likened to many of the principles contained within NFTs and Smart Contracts. Using TruCert™ organisations can share all the intelligence of raw data without any of the risk. TruCert™ can be used to provide intelligence without exposing the raw PII, which can then be interpreted by both companies and systems alike so that decisions can be made around PII without the need to share the raw data itself. Companies can be assured that once the intelligence has been embedded into our TruCert™, it is done so in a Non-Fungible or immutable way, meaning it is tamper-proof, time-stamped and audit-ready.

Companies can now meet all of their regulatory requirements by taking advantage of these technologies without any increase in risk. Applied in the right way, Trunomi helps organisations meet their compliance needs and allows them to be ready for Web 3.0 when it arrives. These technologies can also help organisations meet and support wider ESG initiatives, all while increasing revenue, loyalty and service.

For more information on how we are helping organisations today, get in touch and we will be happy to share.