skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Ovum view


EU institutions are still negotiating the final version of the long-awaited Data Protection Regulation, but a new provision in the text is a source of concern for businesses. The new version of Article 43a would leave companies to deal with conflicting legislations on transfer of personal data; more broadly, it highlights the need for greater cooperation between regulators across countries.

Stricter rules on data transfer will leave companies to decide which rules to breach

Despite reaching an advanced stage of the formal process leading to approval, the new European Data Protection Regulation still faces significant obstacles and remains some way from being passed. Industry associations are now concerned about a proposed amendment to the rules covering the transfer of personal data outside the EU. This concern was highlighted by a statement released at the end of August 2015 by the European Data Coalition, which groups together approximately 20 companies, including Apple and AT&T.

If passed in its current form, Article 43a would forbid companies to comply with a request for personal data from the public authority of a third country, because no decision of a court or administrative authority could be enforceable. Although this is an effort in good faith to protect EU citizens’ privacy and to prevent the bulk collection of personal data from third countries, its practical consequence is likely to be much less desirable. Companies will have to deal with conflicting legislations; in practice, they will often have to make a decision as to whether to breach EU rules or the rules of a third country (very often this will be US legislation given that many tech and internet companies are based there). It is expected that companies will generally opt to flout the legislation with less harsh penalties. This means that if the EU rules are to be enforced effectively they will have to come with a heavy set of sanctions.

Regardless of EU institutions’ ability to come up with effective rules on this aspect of data regulation, the issue highlights one of the unresolved issues of data protection in the digital age – the need for regulators in different countries to work together and come to a comprehensive agreement on data protection rules. As end users become increasingly sensitive to privacy issues online, and regulators adjust their frameworks to capture ongoing technological developments, companies will be expected to comply with inconsistent sets of rules.

If the issue is not tackled adequately, it could lead to an undesired balkanization of the Internet. Lack of mutual trust between countries may lead regulators to put more obstacles in the way of the transfer of personal data abroad. In such a scenario, small companies, which have often been a primary source of innovation in recent years, may suffer the most because they will struggle to meet the cost of complying with complex and inconsistent regulation.


Further reading

Data Protection Tracker: 1Q15, TE0007-000867 (January 2015)

Current Status and Future Developments in Data Protection, TE0007-000812 (August 2014)


Luca Schiavoni, Senior Analyst, Regulation

Recommended Articles

  • Service Provider Markets, Consumer & Entertainment Services,...

    MWC 2018 Highlights

    By Ronan De Renesse 27 Feb 2018

    Over 20 of our senior Ovum analysts and consultants attended this year’s Mobile World Congress in Barcelona at the end of February. In between meetings, briefings and presentations, our analyst team were blogging and tweeting about key developments, trends and rumors. Have a look through our daily MWC 2018 Highlights to find out what happened.

    Topics 5G AI IoT Cloud Payments SDN/NFV Smart home

  • Internet of Things

    IoT Viewpoints 2018

    IoT Viewpoints explore the IoT opportunity in 2018 and beyond. Download our latest e-book to get our newest collection of thought leadership articles on the emerging IoT trends, technologies and opportunities.

    Topics IoT

  • Consumer & Entertainment Services

    US pay TV: Is it facing an existential threat?

    By Adam Thomas 28 Mar 2018

    With US pay TV having endured the worst year in its history, thoughts have inevitably turned to the future. The likelihood remains that the immediate future will remain highly uncomfortable for everyone except the scaled multinational digital platforms.


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

Email us at

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 788 597 5160 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now