The EU’s General Data Protection Regulation (GDPR) ostensibly outlaws barriers to the flow of personal data between EU countries, and in September 2017, the European Commission published a draft regulation for a similar rule on non-personal data transfers. Yet a plethora of questions remain. How effective will the two regulations be at ending data localization in practice? Just how easy is it to separate personal from non-personal data, and treat them according to separate laws? And how should policymakers address the remaining obstacles to data flows outside the union?
- Pearse O’Donohue, Acting Director of the Future Networks Team, European Commission—DG CONNECT
- Jean-Marc Leclerc, Government and Regulatory Affairs Executive, IBM
- Nick Wallace, Senior Policy Analyst, Center for Data Innovation