Show Summary Details
Information Technology LawThe Law and Society

Information Technology Law: The Law and Society (5th edn)

Andrew Murray
Page of

Printed from Oxford Law Trove. Under the terms of the licence agreement, an individual user may print out a single article for personal use (for details see Privacy Policy and Legal Notice).

date: 25 April 2024

p. 65724. The international trade in personal datalocked

p. 65724. The international trade in personal datalocked

  • Andrew Murray


This chapter examines how data flows are managed by GDPR and UK GDPR. Strict rules of adequacy manage transfers between EEA and non-EEA states (including the UK) and recent challenges to agreed data equivalency rulings, in particular in the case of Maximillian Schrems v Data Protection Commissioner decision have proven challenging for regulators. This chapter will examine these challenges and what GDPR and UK GDPR says is permissible and what is not in relation to transfers to third countries. In addition, to the Schrems I decision the chapter also examines the more recent Digital Rights Ireland Ltd v European Commission and Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems (Schrems II) challenges to both adequacy rulings and standard contractual clauses. The chapter also examines the current state of UK adequacy and what challenges it might face.

You do not currently have access to this chapter

Sign in

Please sign in to access the full content.


Access to the full content requires a subscription