The Recommendation 01/2020 on measures that supplement transfer tool to ensure compliance with the EU protection of personal data raises serious concerns from companies:
- The analysis of local laws and possible supplementary security measures, to be put in place by private actors, adds inappropriate burden on companies. They call into question the provisions of the GDPR.
- The date of entry into force of this decision, which is immediately applicable, must be postponed and any retroactivty avoided.
Given this unsuitable text, companies are also advocating for the development of adequacy decisions and the long-term adoption of a more flexible approach to data transfer in the event of legal convergence.