Sedona Conference on Cross-Border Data Transfers and Data Protection Laws – my takeaways

It was a privilege to be Chair of the 12th Annual Sedona Conference International Programme on Cross-Border Data Transfers and Data Protection Laws earlier this week.

The conference was attended by leading voices from data protection regulators and those involved with enhancing data protection legislation, as well as leaders from in-house and private practice.

The sessions discussed important topics regarding the development of laws in the EU, UK, US, Latin America and Asia. Perspectives were shared on:

• the benefits and burdens of three years of the GDPR in practice;
• information governance (or the impossibility of it in world that may be diverging more than converging) taking into account data transfers mechanism and ideas around the rise and meaning of data sovereignty;
• China's perspectives on privacy and its balancing of GDPR-style principles with Chinese characteristics;
• the practical implications of "extra-territorial effect" for those organisations subject to an increasing global patchwork of data protection laws, and for those enforcing them.

Unsurprisingly, with each topic we ran out of time, but each session planted seeds for new discussions and dialogue aimed at evolving the law in these important areas.

As the sessions are closed for the benefit of open-dialogue I will not be reporting in detail, but I am grateful to all the participants and those that led the discussions for making this such a memorable event. I am already looking forward to the 13th Annual Sedona Conference International Programme on Cross-Border Data Transfers and Data Protection Laws next year.