Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Shruti J. Shah
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

Bill Steinman
Contributing Editor

Conflicts between GDPR and corporate anti-bribery compliance: OECD Working Group invites comments

In response to the OECD Working Group on Bribery’s (WGB) call for comments from stakeholders as part of its upcoming review of the 2009 OECD Anti-Bribery Recommendation, TRACE has submitted its overview of the significant challenges the new EU data protection legislation poses to corporate anti-bribery compliance programs. 

Specifically, our submission describes in detail the ways in which the GDPR and other similar personal data protection laws create new significant liability risks for companies and add costly and time-consuming obligations when the companies carry out best-practice anti-bribery compliance processes. 

Given that the GDPR is being considered by many countries as a model for implementing similar data protection laws in their jurisdictions, our submission calls on OECD members — most of which are member states of the EU and European Economic Area — to provide companies with detailed guidance on how the challenges posed by the GDPR to anti-bribery compliance programs may be resolved in practice. 

We also suggest that the OECD should make a recommendation for member countries to subject their existing and pending personal data protection legislation to review and consultation by relevant government departments and other stakeholders regarding the impact of such legislation on anti-bribery compliance, incentivizing good corporate behavior, and on the countries’ international anti-bribery commitments. 

Finally, countries should seek ways to harmonize their approaches to the equally important goals of fighting corruption and protecting personal data rights of individuals.… Continue Reading

Illya Antonenko: Should U.S. companies even care about GDPR?

We’re based in the United States, so how does the GDPR concern us?

GDPR’s Article 3(1) ties the GDPR’s territorial scope to being established in the EU, while Article 3(2)(a) extends the GDPR’s reach to those non-EU companies that offer products or services to individuals in the EU.… Continue Reading