The European Commission has decided that the data protection
laws of Canada give adequate protection for personal data
transferred from the EU. Canada joins Switzerland and Hungary as
the only non-EU countries to which EU businesses can currently
transfer personal data without the need for additional guarantees
which are necessary in transfers to other countries.
The EU's Data Protection Directive provides that the transfer of
personal data to a non-EU country may take place only if that
country ensures an adequate level of protection. This can be an
administrative barrier for many businesses with offices outside the
EU which cannot share, for example, customer databases unless
special agreements are entered into.
The Commission based its formal Decision on Canada's information
protection legislation of 2000. The Decision was made on 20th
December and published yesterday.
