The European Data Protection Board (“EDPB”) released draft guidelines on the interplay between Article 3 GDPR – which sets out the GDPR’s territorial scope – and the provisions in Chapter V of the GDPR, which impose restrictions on international data transfers. In this draft guidance, the EDPB clarifies which (cumulative) criteria must be fulfilled in order to have a transfer of personal data to a third country or to an international organization, under the GDPR. The EDPB also discusses some of the consequences of international data transfers, in terms of making sure that appropriate safeguards are provided when transferring personal data outside of the EU.
TikTok Faces €500 Million Fine for Data Transfer to China
TikTok faces a fine over €500 million for transferring European user data to China, with an impending decision from Ireland's […]