Clearview AI has been investigated and sanctioned by a number of different EU data protection authorities. However, Italy’s recent sanction stood out as it also sanctioned Clearview for failure to appoint an Article 27 Representative.
They fined Clearview €600,000 (~$650,000) specifically for this failure. We believe this should be a wake-up call for all companies based outside of the European Union who handle European data subject to personal information.
Why is an EU-based Article 27 representative required?
The EU Data Protection Board requires US organizations doing business in the EU to appoint an EU-based representative to act as the local-facing contact for both regulators and EU citizens. GDPR requires ease of access to reach a company by the regulators or citizens, and a very timely response to inquiries or complaints.
Achieved Compliance offers a comprehensive and fixed-fee package that gets you into compliance with this requirement quickly and smoothly. Plus, you have access to the Achieved Compliance team to draw on its combined 40 years of client counseling and international policy experience. Our package includes:
You can schedule a 30-minute, No-Fee, No-Obligation consultation and we can explore how this issue specifically affects your company and how we can help.
The European Commission’s announced in December that it has begun its process to adopt an adequacy decision for the EU-U.S. Data Privacy Framework (the Framework). Companies seeking to transfer data from countries in the European Union to the United States will need to take steps to be in alignment with this new change.