Companies using U.S.-based cloud service providers or accessing data on European workers from abroad risk running afoul of the bloc’s rules on transatlantic data transfers under draft guidance being finalized by regulators.
The two scenarios are common for companies with a global footprint, raising concerns about compliance. Many companies are looking to the European Data Protection Board to clarify the issue as it finalizes its recommendations, which are open for public comment until Dec. 21.
The recommendations are meant to offer alternative ways to comply with European data rules after a July court ruling struck down the EU-U.S. Privacy ...