ABSTRACT
Abstract This article examines the threat to privacy posed by the transfer of personal information from one jurisdiction to another. Despite international trends towards greater protection of personal information significant challenges to personal privacy arise in this context. These include the usc of outsourcing by businesses, the encroachment of security laws and the potential 'spill-over' of technologies developed for combating terrorism into the private sector. Also significant are technologies enabling the 'profiling' of indhiduals and 'data mining' across borders. Against this backdrop the article considers existing jurisdictional responses towards regulating personal information flows across borders. It considers various actual or proposed solutions including 'safe-harbours', contractual mechanisms and extra-territorial applications. The article concludes that many of the existing approaches to regulating trans-border information flows are to some extent deficient and suggests the need for a new 'fourth generation' set of data protection protocols. In formulating the latter, analogies are drawn from other relevant areas of the law in order to furnish creative solutions to the problem.
