International Journal of Law and Information Technology Advance Access published online on August 13, 2007
International Journal of Law and Information Technology, doi:10.1093/ijlit/eam004
The "Final" Privacy Frontier? Regulating Trans-Border Data Flows
* Senior Lecturer in Commercial Law, University of Auckland. I am grateful to Alexandra Sims for her helpful comments on an earlier draft of this article. All errors are, of course, my own. g.gunasekara{at}auckland.ac.nz
 |
Abstract |
|---|
This article examines the threat to privacy posed by the transfer of personal information from one jurisdiction to another. Despite international trends towards greater protection of personal information significant challenges to personal privacy arise in this context. These include the use of outsourcing by businesses, the encroachment of security laws and the potential ‘spill-over’ of technologies developed for combating terrorism into the private sector. Also significant are technologies enabling the ‘profiling’ of individuals and ‘data mining’ across borders. Against this backdrop the article considers existing jurisdictional responses towards regulating personal information flows across borders. It considers various actual or proposed solutions including ‘safe-harbours’, contractual mechanisms and extra-territorial applications. The article concludes that many of the existing approaches to regulating trans-border information flows are to some extent deficient and suggests the need for a new ‘fourth generation’ set of data protection protocols. In formulating the latter, analogies are drawn from other relevant areas of the law in order to furnish creative solutions to the problem.