Sharing Personal Data Across Borders is Dangerous
July 16th saw the announcement of the long-awaited ruling by the Court of Justice of the European Union (CJEU) over Facebook’s transfer of data from Ireland to the US. The so-called Schrems II judgment had an immediate impact on the legality of international data transfers between the EU and ‘third countries’, rendering the previous Privacy Shield and adequacy agreements invalid. In Facebook’s case, this ruling impacted the company’s practice of transferring data from Ireland to the U.S – and they’re not alone. Data Transfers have long been a key aspect of any multinational business’s operational framework, with thousands of companies across the U.S reliant on the previous adequacy agreements in place to ensure the successful transfer and processing of data in compliance with the GDPR
So, What’s Changed?
How can Trunomi help?
There is another way. Attestations.
Trunomi uses two core technologies, TruID and TruCert, to power Attestations. So what are Attestations? An Attestation is a digital record that can ‘attest’ to certain facts around Personal Data as being true without exposing the raw underlying personal data: e.g. has Customer X reached the required threshold of loyalty points? Is Customer Y over 18? The Attestation can provide a binary yes / no response as a means of sharing necessary facts around Customers and Customer Interactions and powering automated workflows without risking or exposing the underling raw personal data. As well as driving operational efficiencies, saving time, effort and cost by automating previously manual processes, Attestations also reduce risk by driving the GDPR principles of Data Minimisation and Privacy by Design. In the context of the Schrems II decision and the invalidation of the Privacy Shield, Attestations become an invaluable means of sharing necessary facts around customer data across international borders, without having to transfer raw Personal Data. Because they do not move or touch raw Personal Data, Attestations are bound neither by jurisdictional boundaries, nor by the Schrems II ruling.
Attestations are just one way in which Trunomi helps global organisations comply and be compliant with global, ever-changing Privacy Regulations.
If you’d like to learn how Attestations and Trunomi can help your organisation respond to the Privacy Regulations and the Schrems II decision, contact us or request a demo at [email protected].