Saturday, 8th August 2020

Dealing with data transfers

Equinix is the first company to have its Binding Corporate Rules approved under the new GDPR regime.

Equinix has completed the rigorous process of Binding Corporate Rules (BCRs) approval by European Union (EU) regulators. In doing so, it becomes the first company to have its BCRs approved by the European Data Protection Board (EDPB) consisting of all 27 Member States set up under the new GDPR regime.


BCRs are designed to allow multinational companies to transfer personal data from the European Economic Area (EEA) to their affiliates located outside of the EEA, while adhering to the highest standards, as demanded by EU regulators. Achieving BCRs compliance ensures that the personal data flows that Equinix adopts to operate its global enterprise and support its global customer base are GDPR compliant. To achieve this, Equinix demonstrated its robust security parameters for obtaining, processing and storing personal data used in order to provide services to customers on its global platform.

The process to get the BCRs approved with the Information Commissioner’s Office in the U.K. (ICO) as the lead data protection authority, was conducted against the backdrop of uncertainty around Brexit and complicating factors as to what a possible no deal exit from the EU may mean for the standing of the ICO and the current BCRs application.

The BCRs certification comes as governments around the world consider and implement data privacy regulations modeled after the GDPR, including locations where Equinix does business, such as in California and Brazil. By ensuring data privacy compliance in any market deployed, Equinix’s global footprint enables its customers to conduct business in a way that can gain a competitive business advantage across the world’s digital economy. Indeed, 86% of Equinix customers deploy in multiple markets, with 73% of them operating across multiple regions.

In an independent survey commissioned by Equinix of over 2,450 IT decision-makers across the world, the resulting need for a focus on data regulations was highlighted. 69% of IT decision-makers globally listed complying with data protection regulations as a top priority for their business, while 43% of IT decision-makers globally reported changing regulatory requirements around data privacy are a threat to their company.

·The European Data Protection Board ensures the consistent application of GDPR throughout the European Economic Area and since GDPR took effect, has a role to play in approving Binding Corporate Rules (BCRs) applications.

·Historically, Equinix has used the EU Model Clauses in its inter-company agreements to facilitate such data transfers from the EU, which will continue to be in place, but the BCRs provide the added “gold standard” in providing adequate safeguards to enable intra-group transfers to meet operational requirements and to facilitate the transborder flow of data as necessary today to run a global enterprise.

·Following approval by the EDPB, the ICO as the lead data protection authority for Equinix’s BCRs application, proceeded to formally approve and adopt the BCRs.

·Equinix’s BCRs cover personal data transferred from legal entities of Equinix in the EU worldwide, including employee and business contact information, i.e., customer, partner, supplier and vendor information.

·These BCRs are a critical part of the overall Equinix Global Privacy Policy, that ensures data privacy compliance managed by the Equinix Privacy Office, and in a manner that supports Equinix’s global corporate strategy.

Yet only four out of 10 security leaders in the UK can answer the question, “How secure, or at risk,...
Half of first-time security analysts working in Security Operations Centres (SOCs) plan to leave aft...
Featuring on-premises, controllable enterprise proxy to securely monitor and process automated certi...
LogRhythm has released its report, The State of the Security Team: Are Executives the Problem? The s...
New release brings cloud-native attacks and vulnerabilities to the forefront of the SOC, gives enter...
New research from email security firm Tessian reveals why people make mistakes, how blurred lines be...
The SonicWall Capture Labs threat research team has published the mid-year update to the 2020 SonicW...
BSA | The Software Alliance is pleased that the decision by the European Court of Justice (ECJ) uphe...