Amendment LIBE #2464

Article 42 – Paragraph 5

5. Where the appropriate safeguards with respect to the protection of personal data are not provided for in a legally binding instrument, the controller or processor shall obtain prior authorisation for the transfer, or a set of transfers, or for provisions to be inserted into administrative arrangements providing the basis for such transfer. Such authorisation by the supervisory authority shall be in accordance with point (a) of Article 34(1).for example in a memorandum of understanding, the controller shall ensure compliance of the intended processing with this Regulation and mitigate any risks involved for the data subject. The supervisory authority shall support the compliance of the Regulation by providing guidance and advice under this provision. If the transfer is related to processing activities which concern processing concerns data subjects in another Member State or other Member States, or substantially affect the free movement of personal data within the Union, the supervisory authority shall apply the consistency mechanism referred to in Article 57EDPB shall provide guidance to ensure consistent application of the Regulation, taking into account the specific circumstances of individual Member States. Authorisations by a supervisory authority on the basis of Article 26(2) of Directive 95/46/EC shall remain valid, until amended, replaced or repealed by that supervisory authority.

Current Data Privacy Rating is : weaker    Baroness Sarah Ludford United Kingdom ALDE


comments powered by Disqus