Data crossing borders

The cross-border sharing of personal data to combat coronavirus raises questions under the EU General Data Protection Regulation 2016/679 (the GDPR) – two of which will be dealt with here. The first question is whether EU data protection law is flexible enough to allow the international sharing of personal data to fight the pandemic. Secondly, data protection law has traditionally been shaped by pivotal events in history (think of the effect that the reaction to the terrorist attacks of 11 September 2001 had on data protection law), and one can ask what implications the crisis will have on the future development of data transfer regulation.