On 15 May 2023, the opinion of the European Data Protection Supervisor (EDPS) on the "Recommendation for a Council Decision authorising the opening of negotiations for digital trade disciplines with the Republic of Korea and with Singapore” was issued. The recommendation in question aims to grant the Commission the authority to initiate negotiations with the Republic of Korea and Singapore. The purpose is to establish enforceable regulations pertaining to trade in goods and services facilitated through electronic means. These negotiations may encompass areas such as cross-border data flows, trust, data localisation requirements, and personal data protection. The EDPS emphasises that the protection of personal data is a fundamental right within the European Union and should not be subject to negotiations in the context of EU trade agreements, arguing that to facilitate personal data flows between the EU and third countries, the mechanisms provided under EU GDPR should be used. Regarding the Republic of Korea specifically, the EDPS notes that the Commission already granted an adequacy decision, and as a result, transfers of personal data from controllers or processors in the European Economic Area (EEA) to organizations in the Republic of Korea can occur without further authorisation. Therefore, the EDPS recommends providing a clearer explanation as to why, despite the adequacy decision, additional negotiations on cross-border data flows and data protection are deemed necessary in the case of the Republic of Korea.
Original source