Skip to main content

Legal Update

Binding Corporate Rules for processors launched

9 January 2013
Mayer Brown Legal Update

Data processors are now able to apply to use Binding Corporate Rules (BCRs) in order to move personal data outside of the European Economic Area while complying with European data protection legislation instead of having to implement and maintain sophisticated networks of data transfer contracts in the form of the standard contractual clauses approved by the European Commission.

The European data protection authorities convened together as the Article 29 Working Party (WP29) have announced that, as of 1 January 2013, data processors will be able to apply to a single lead data protection authority for approval to use Binding Corporate Rules in the same way as data controllers are able to. As a result, processors of personal data (e.g. IT outsourcing providers, data centre providers etc) will be able to receive personal data from their data controller clients and then transfer it while complying with the European rules on data protection. The lead data protection authority will take steps to liaise with the other European data protection authorities to obtain mutual recognition of a processor’s BCRs throughout Europe.

This will be welcome news to both processors and controllers alike, particularly those that undertake large-scale international data transfers who will no longer have to negotiate complicated data protection safeguards for every processing activity where the receiving party in question has implemented BCRs. Controllers will be able to demonstrate to their stakeholders and data protection authorities that their processing activities comply with European data protection law by working with processors that have already implemented approved BCRs.

Read a copy of the WP29 press release announcing this launch.


  • Mark A. Prinsley
    T +44 20 3130 3900
  • Oliver Yaros
    T +44 20 3130 3698
The Build a Report feature requires the use of cookies to function properly. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently. If you do not accept cookies, this function will not work. For more information please see our Privacy Policy

You have no pages selected. Please select pages to email then resubmit.