This book is the outcome of the meticulous research of Ms. Catarina Guerra Gonçalves for obtaining her master’s degree in International Business Law under my supervision, followed by a comprehensive update in 2016. Its subject matter of data collection and transborder transfer is highly relevant since data collection and transfer impact our daily lives, even if we are not always aware of it. Data collection and transfer of data is very commonly done by public authorities and commercial entities.
Governments collect data for statistics, taxation, combating of organised crime, … Companies are interested in personal data for human resources, business operation, and marketing purposes. Despite its importance and usefulness data collection risks undermining a fundamental human right, the right to privacy, which includes the protection of personal data against unwarranted intrusion. Especially in an era were data can be easily collected and stored electronically, a robust legal protection of personal data is quintessential to avoid that personal data are misused or are illegitimately made available to others. Furthermore, a legal protection must equally include provisions on the transfer of data to other jurisdictions. In a globalised world, data can be easily transferred to other jurisdictions, which do not offer the same or similar protection of personal data. In this respect, differences in legal protection may cause significant hurdles, as Facebook experienced in the EU, when the European Court of Justice in a preliminary ruling declared that the Safe Harbour agreement between the EU and the US was invalid because the US did not have adequate safeguards to protect personal data.