La transferencia internacional de datos en la Sociedad de la Información desde la óptica del Reglamento Europeo de Protección de Datos y la LOPDGDD

  1. Davara Fernández de Marcos, Elena Pilar
Supervised by:
  1. Miguel Ángel Davara Rodríguez Director
  2. Javier Wenceslao Ibáñez Jiménez Co-director

Defence university: Universidad Pontificia Comillas

Fecha de defensa: 03 November 2020

Committee:
  1. Ramón López Vilas Chair
  2. Abel B. Veiga Copo Secretary
  3. María Isabel Álvarez Vélez Committee member
  4. Manuel Marchena Gómez Committee member
  5. Antonio Troncoso Reigada Committee member

Type: Thesis

Teseo: 640736 DIALNET

Abstract

The thesis titled “The International Transfer of Data in the Information Society from the Viewpoint of the European Data Protection Regulation and the Organic Law on Personal Data Protection and Guarantee of Digital Rights” is structured in five Chapters in which we deal with the figure of the International Transfer of Data with a legal (analytical and rigorous) and practical approach, stating the development that this figure has undergone over the years, in the national, as well as in the European and international legal systems, in the latter based on the practical reality for this purpose in the United States, Japan and Latin American countries. The central point of the thesis is formed by the analysis of this figure in the two regulations that are included in the title: European Data Protection Regulation and the Organic Law 3/2018, of 5 December, on Personal Data Protection and Guarantee of Digital Rights, accompanied by an analysis of the most relevant texts issued to this effect by the European Commission, the European Data Protection Board, the European Data Protection Supervisor or the responsible bodies regarding data protection. Following research carried out, we have reached a total of eight conclusions, among which we emphasise the following: the convenience of self-regulation as a mechanism to legitimize International Transfers of Data to countries which do not have the Adequacy Decision; the need to improve the Privacy Shield by means of the inclusion of the duty of adherent entities to sign an Accountability agreement which offers maximum guarantees in the processing of the personal data of the interested parties; the proposal of creating a regulation of direct and indiscriminate application in the setting of Latin America which controls the cross-border flows of personal data both with the European Union and with the rest of the world and the convenience of encouraging the role of the mediator as the first figure to turn to in what is referred to by claims regarding International Transfer of Data.