American companies that do business in the European Union need to be aware of—and comply with—Europe’s strict rules for transferring personal data to the United States.
Under a decade-old “Privacy Directive,” personal data transfers from the E.U. to outside countries must be given “adequate protection.” That includes protecting privacy, as well as other rights considered fundamental in the E.U., such as transparency, fairness and limits on how the data is used.
