Together with Anu Talus, Chair of the European Data Protection Board; Tobias Judin, Head of International Department at the Norwegian Data Protection Authority; Kai Zenner, Head of Office and Digital Policy Adviser to MEP Axel Voss at the European Parliament; and Lorelien Hoet, Director of EU Government Affairs at Microsoft, we discussed the future of trustworthy international data transfers.
The exchange highlighted both the major progress achieved under the GDPR and the operational challenges that still remain. While the GDPR has elevated data protection standards globally and established widely used transfer mechanisms, legal uncertainty continues to affect organisations in practice. Against this background, panellists reflected on the growing complexity surrounding international transfers, while exploring ways to improve implementation and reinforce the risk-based approach envisioned by the GDPR. One key takeaway was that the GDPR framework already contains valuable but underutilized compliance tools. In particular, codes of conduct and certification were highlighted as important instruments to streamline compliance, harmonise technical and organisational measures, and strengthen trust in cross border data flows.
Five years on, the EU Cloud CoC remains an important example of how codes of conduct can support effective GDPR implementation in practice. Many thanks to all panellists for the insightful discussion — continued dialogue of this kind remains essential for developing workable and trustworthy compliance solutions.
