<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="en"><front><journal-meta><journal-id journal-id-type="publisher-id">digitallaw</journal-id><journal-title-group><journal-title xml:lang="en">Journal of Digital Technologies and Law</journal-title><trans-title-group xml:lang="ru"><trans-title>Journal of Digital Technologies and Law</trans-title></trans-title-group></journal-title-group><issn pub-type="epub">2949-2483</issn><publisher><publisher-name>Kazan Innovative University named after V. G. Timiryasov</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.21202/jdtl.2024.45</article-id><article-id custom-type="edn" pub-id-type="custom">MJUIGD</article-id><article-id custom-type="elpub" pub-id-type="custom">digitallaw-488</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="en"><subject>ARTICLES</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>СТАТЬИ</subject></subj-group></article-categories><title-group><article-title>Overcoming Illegal Cross-border Transfer of Personal Data</article-title><trans-title-group xml:lang="ru"><trans-title>Преодоление нелегальной трансграничной передачи персональных данных</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0002-0869-601X</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Бахтеев</surname><given-names>Д. В.</given-names></name><name name-style="western" xml:lang="en"><surname>Bakhteev</surname><given-names>D. V.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Бахтеев Дмитрий Валерьевич – доктор юридических наук, доцент, профессор кафедры криминалистики имени И. Ф. Герасимова, заведующий лабораториейцифровых технологий в криминалистике</p><p> 620066, Россия, г. Екатеринбург, ул. Комсомольская, 21</p><p>Scopus Author ID: https://www.scopus.com/authid/detail.uri?authorId=57208909117</p><p>WoS Researcher ID: https://www.webofscience.com/wos/author/record/ABA-1494-2020</p><p>Google Scholar ID: https://scholar.google.ru/citations?user=h0zOOdcAAAAJ</p><p>РИНЦ Author ID: https://elibrary.ru/author_items.asp?authorid=762765</p></bio><bio xml:lang="en"><p>Dmitriy V. Bakhteev – Dr. Sci. (Law), Professor, Department of Criminalistic named after I. F. Gerasimov, Head of Laboratory of Digital Technologies in  Criminalistic </p><p>21 Komsomolskaya Str., 620066, Yekaterinburg</p><p>Scopus Author ID: https://www.scopus.com/authid/detail.uri?authorId=57208909117</p><p>WoS Researcher ID: https://www.webofscience.com/wos/author/record/ABA-1494-2020</p><p>Google Scholar ID: https://scholar.google.ru/citations?user=h0zOOdcAAAAJ</p><p>РИНЦ Author ID: https://elibrary.ru/author_items.asp?authorid=762765 </p></bio><email xlink:type="simple">ae@crimlib.info</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0002-1631-9265</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Сосновикова</surname><given-names>А. М.</given-names></name><name name-style="western" xml:lang="en"><surname>Sosnovikova</surname><given-names>A. M.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Сосновикова Анна Михайловна – стажер-исследователь лаборатории цифровых технологий в криминалистике</p><p>620066, г. Екатеринбург, ул. Комсомольская, 21</p><p>WoS Researcher ID: https://www.webofscience.com/wos/author/record/KDP-3525-2024</p><p>Google Scholar ID: https://scholar.google.ru/citations?user=BLBhZHMAAAAJ</p><p>РИНЦ Author ID: https://elibrary.ru/author_items.asp?authorid=1196069</p></bio><bio xml:lang="en"><p>Anna M. Sosnovikova – probation researcher of the Laboratory for digital technologies in Criminalistic</p><p>21 Komsomolskaya Str., 620066, Yekaterinburg</p><p>WoS Researcher ID: https://www.webofscience.com/wos/author/record/KDP-3525-2024</p><p>Google Scholar ID: https://scholar.google.ru/citations?user=BLBhZHMAAAAJ</p><p>RSCI Author ID: https://elibrary.ru/author_items.asp?authorid=1196069 </p></bio><email xlink:type="simple">at@crimlib.info</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0009-0002-3301-9720</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Казенас</surname><given-names>Е. В.</given-names></name><name name-style="western" xml:lang="en"><surname>Kazenas</surname><given-names>E. V.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Казенас Евгений Владимирович – студент,</p><p>620002, г. Екатеринбург, ул. Мира, 19</p></bio><bio xml:lang="en"><p>Evgeniy V. Kazenas – student </p><p>19 Mira Str., 620002, Yekaterinburg</p></bio><email xlink:type="simple">kazenas03@mail.ru</email><xref ref-type="aff" rid="aff-2"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru"><institution>Уральский государственный юридический университет имени В. Ф. Яковлева</institution><country>Россия</country></aff><aff xml:lang="en"><institution>Ural State Law University named after V. F. Yakovlev</institution><country>Russian Federation</country></aff></aff-alternatives><aff-alternatives id="aff-2"><aff xml:lang="ru"><institution>Уральский федеральный университет имени первого Президента России Б. Н. Ельцина</institution><country>Россия</country></aff><aff xml:lang="en"><institution>Ural Federal University named after the first President of Russia B. N. Yeltsin</institution><country>Russian Federation</country></aff></aff-alternatives><pub-date pub-type="collection"><year>2024</year></pub-date><pub-date pub-type="epub"><day>28</day><month>12</month><year>2024</year></pub-date><volume>2</volume><issue>4</issue><fpage>943</fpage><lpage>972</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Bakhteev D.V., Sosnovikova A.M., Kazenas E.V., 2024</copyright-statement><copyright-year>2024</copyright-year><copyright-holder xml:lang="ru">Бахтеев Д.В., Сосновикова А.М., Казенас Е.В.</copyright-holder><copyright-holder xml:lang="en">Bakhteev D.V., Sosnovikova A.M., Kazenas E.V.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://www.lawjournal.digital/jour/article/view/488">https://www.lawjournal.digital/jour/article/view/488</self-uri><abstract><sec><title>Objective</title><p>Objective: to form of a comprehensive interdisciplinary legal and technological risk management model in the field of illegal cross-border transfer of personal data by eliminating legislative gaps and creating a system for automated control of outgoing information flows, as well as expert response to identified incidents.</p></sec><sec><title>Methods</title><p>Methods: in addition to general dialectical and general scientific methods, special legal and cybernetic methods were used. For example, based on comparative legal analysis, the authors reveal differences between national and international regulation of cross-border flows of personal data. In the second section, the modeling method allows forming an algorithm for identifying information security incidents in the field of cross-border transfer of personal data and responding to them.</p></sec><sec><title>Results</title><p>Results: the article formulates proposals to optimize legislation in the field under study by introducing specialized protective norms for violating the rules of cross-border transfer of personal data and stipulating the operator’s obligation to notify personal data subjects of the intention to transfer the information abroad. The second section describes the concept of a software package designed to detect information security incidents in the field under consideration, as well as a model of action of an authorized representative of the operator after receiving a signal from the automated system.</p></sec><sec><title>Scientific novelty</title><p>Scientific novelty: to solve the set problem, the work combines the knowledge and competencies of legal scientists and specialists in the field of information security, which allows an interdisciplinary approach. At the same time, it is stated that the issues of illegal crossborder transfer of personal data have not received proper coverage in science today, since Russian legislation in this area has changed recently. The authors propose not so much to strengthen the sanction for legislation violation in this area, as to ensure the punishment of persons who commit cyberattacks, and to equip personal data operators with an effective tool to minimize the risks of information leakage.</p></sec><sec><title>Practical significance</title><p>Practical significance: the research results can be used to improve legislation in the field of cross-border transfer of personal data and the organization of activities of authorized employees of the personal data operator for risk management in this area.</p></sec></abstract><trans-abstract xml:lang="ru"><sec><title>Цель</title><p>Цель: формирование комплексной междисциплинарной юридико-технологической модели управления рисками в сфере незаконной трансграничной передачи персональных данных посредством ликвидации законодательных лакун и создания системы автоматизированного контроля исходящих потоков информации, а также экспертного реагирования на выявленные инциденты.</p></sec><sec><title>Методы</title><p>Методы: в работе, помимо всеобщего диалектического и общенаучных, используются специально-юридические и кибернетические методы. Так, на основе сравнительно-правового анализа выявляются различия между национальным и международным регулированием трансграничных потоков персональных данных, а метод моделирования, положенный в основу второго раздела исследования, позволяет сформировать алгоритм выявления инцидентов информационной безопасности в сфере трансграничной передачи персональных данных и реагирования на них.</p></sec><sec><title>Результаты</title><p>Результаты: сформулированы предложения по оптимизации законодательства в рассматриваемой сфере посредством введения специализированных охранительных норм за нарушение правил трансграничной передачи персональных данных, закрепления обязанности оператора уведомлять субъектов персональных данных о намерении осуществить передачу информации за рубеж. Во второй части работы описана концепция программного комплекса, предназначенного для детекции инцидентов информационной безопасности в рассматриваемой области, а также модель действия уполномоченного представителя оператора после получения сигнала от автоматизированной системы.</p></sec><sec><title>Научная новизна</title><p>Научная новизна: для решения заявленной проблемы в работе объединяются знания и компетенции ученых-юристов и специалистов в сфере информационной безопасности, что позволяет предложить междисциплинарный подход. Одновременно с этим вопросы незаконной трансграничной передачи персональных данных на сегодняшний день не получили должного освещения в науке, поскольку российское законодательство в данной сфере изменилось не так давно. Авторы настоящей работы предлагают не столько усилить санкцию за нарушение законодательства в рассматриваемой сфере, сколько обеспечить наказание лиц, совершающих кибератаки, и вооружить операторов персональных данных действенным инструментом минимизации рисков утечки информации.</p></sec><sec><title>Практическая значимость</title><p>Практическая значимость: результаты исследования могут быть использованы для совершенствования законодательства в сфере трансграничной передачи персональных данных и организации деятельности уполномоченных сотрудников оператора персональных данных по управлению рисками в рассматриваемой сфере.</p></sec></trans-abstract><kwd-group xml:lang="ru"><kwd>законодательство</kwd><kwd>информационная безопасность</kwd><kwd>информация</kwd><kwd>инцидент</kwd><kwd>компьютерная сеть</kwd><kwd>персональные данные</kwd><kwd>право</kwd><kwd>связь</kwd><kwd>трансграничная передача данных</kwd><kwd>цифровые технологии</kwd></kwd-group><kwd-group xml:lang="en"><kwd>communications</kwd><kwd>computer network</kwd><kwd>cross-border data transfer</kwd><kwd>digital technologies</kwd><kwd>incident</kwd><kwd>information security</kwd><kwd>information</kwd><kwd>law</kwd><kwd>legislation</kwd><kwd>personal data</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Абрамова, А. Г. (2020). Современные проблемы осуществления защиты персональных данных в сети: Основополагающие принципы защиты персональных данных. Регион и мир, 11(4), 21–25. https://www.elibrary.ru/eveayh</mixed-citation><mixed-citation xml:lang="en">Abdulrauf, L., Adaji, A., &amp; Ojibara, H. (2023). Clarifying the legal requirement for cross-border sharing of health data in POPIA: Recommendations on the draft Code of Conduct for Research. South African Journal of Bioethics and Law, 17(1), 44–48. https://doi.org/10.7196/sajbl.2024.v17i1.1969</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">Акулин, И. М., Чеснокова, Е. А., Гурьянова, Н. Е., Пресняков, Р. А., Летова А. Д. (2020). Возможность трансграничной передачи связанных со здоровьем персональных данных в рамках ЕАЭС: реальность, перспективы. Менеджер здравоохранения, 7, 65–73. https://doi.org/10.37690/1811-0185-2020-7-65-73</mixed-citation><mixed-citation xml:lang="en">Abramova, A. G. (2020). Contemporary issues of personal data protection in the network: fundamental principles of personal data protection. Region i mir, 11(4), 21–25. (In Russ.).</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">Артемова, А. Н. (2023). Правовое регулирование трансграничной передачи персональных данных. Юридическая наука и практика, 19, 3, 9–16. EDN: https://www.elibrary.ru/cgfugw. DOI: https://doi.org/10.25205/2542-0410-2023-19-3-9-16</mixed-citation><mixed-citation xml:lang="en">Akulin, I. M., Chesnokova, E. A., Guryanova, N. E., Presnyakov, R. A., &amp; Letova, A. D. (2020). Possibility of transboundary transfer of health-personal data within the EAEU: reality, prospects. Menedzher Zdravookhranenia, 7, 65–73. (In Russ.). https://doi.org/10.37690/1811-0185-2020-7-65-73</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Балашкина, И. В. (2007). Особенности конституционного регулирования права на неприкосновенность частной жизни в Российской Федерации. Право и политика, 7, 92–105. https://www.elibrary.ru/hzyhnn</mixed-citation><mixed-citation xml:lang="en">Artemova, A. N. (2023). Legal regulation of cross-border personal data transfer. Yuridicheskaya nauka i praktika, 19(3), 9–16. (In Russ.). https://doi.org/10.25205/2542-0410-2023-19-3-9-16</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Веселицкий, О. И. (2015). Вопросы трансграничной передачи персональных данных в соответствии с требованиями 242-ФЗ. Сборники конференций НИЦ Социосфера, 53, 275–279. https://www.elibrary.ru/vbvgev</mixed-citation><mixed-citation xml:lang="en">Balashkina, I. V. (2007). Features of the constitutional regulation of the right to privacy in the Russian Federation. Pravo i politika, 7, 92–105. (In Russ.).</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">Иванова, О. В., Иванов, П. В., Смелов, М. Н. (2010). Проблемы и алгоритмы поиска информации в глобальных компьютерных сетях. T-Comm: Телекоммуникации и транспорт, 4(3), 23–25. https://www.elibrary.ru/ophpnz</mixed-citation><mixed-citation xml:lang="en">Daniela, V., &amp; Amélie, M. (2022). A Frequency-Based Learning-To-Rank Approach for Personal Digital Traces. Proceedings of the 55th Hawaii International Conference on System Sciences, 2920–2929. https://doi.org/10.24251/hicss.2022.361</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Смоленский, М. Б., Левшин, Н. С. (2016). Локализация персональных данных граждан РФ как составляющая экономической и национальной безопасности России. Наука и образование: хозяйство и экономика, предпринимательство, право и управление, 2(69), 111–114. https://elibrary.ru/item.asp?id=25423352</mixed-citation><mixed-citation xml:lang="en">Ferracane, M., &amp; Van der Marel, E. (2024). Governing personal data and trade in digital services. Review of International Economics. https://doi.org/10.1111/roie.12735</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">Abdulrauf, L., Adaji, A., &amp; Ojibara, H. (2023). Clarifying the legal requirement for cross-border sharing of health data in POPIA: Recommendations on the draft Code of Conduct for Research. South African Journal of Bioethics and Law, 17(1), 44–48. https://doi.org/10.7196/sajbl.2024.v17i1.1969</mixed-citation><mixed-citation xml:lang="en">Fuentes, I. T. (2020). Legal Recognition of the Digital Trade in Personal Data. Mexican Law Review, 12(2), 87–117. https://doi.org/10.22201/iij.24485306e.2020.2.14173</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">Daniela, V., &amp; Amélie, M. (2022). A Frequency-Based Learning-To-Rank Approach for Personal Digital Traces. Proceedings of the 55th Hawaii International Conference on System Sciences, 2920–2929. https://doi.org/10.24251/hicss.2022.361</mixed-citation><mixed-citation xml:lang="en">Guaman, D., Del Alamo, J., &amp; Caiza, J. (2021). GDPR Compliance Assessment for Cross-Border Personal Data Transfers in Android Apps. IEEE Access, 9, 15961–15982. https://doi.org/10.1109/ACCESS.2021.3053130</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">Ferracane, M., &amp; Van der Marel, E. (2024). Governing personal data and trade in digital services. Review of International Economics. https://doi.org/10.1111/roie.12735</mixed-citation><mixed-citation xml:lang="en">Ivanova, O. V., Ivanov, P. V., &amp; Smelov, M. N. (2010). Problems and algorithms of information retrieval in global computer networks. T-Comm, 4(3), 23–2. (In Russ.).</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Fuentes, I. T. (2020). Legal Recognition of the Digital Trade in Personal Data. Mexican Law Review, 12(2), 87–117. https://doi.org/10.22201/iij.24485306e.2020.2.14173</mixed-citation><mixed-citation xml:lang="en">Ji, P., Shan, F., Li, F., Sun, H., Wang, M., &amp; Shan, D. (2023). Adaptive Sensitive Information Recognition Based on Multimodal Information Inference in Social Networks. Security and Communication Networks, 2023(1), 5627246. https://doi.org/10.1155/2023/5627246</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">Guaman, D., Del Alamo, J., &amp; Caiza, J. (2021). GDPR Compliance Assessment for Cross-Border Personal Data Transfers in Android Apps. IEEE Access, 9, 15961–15982. https://doi.org/10.1109/ACCESS.2021.3053130</mixed-citation><mixed-citation xml:lang="en">Jurcys, P., Corrales, M. C., &amp; Fenwick, M. (2022). The future of international data transfers: Managing legal risk with a ‘user-held’ data model. Computer Law &amp; Security Review, 46, 105691. https://doi.org/10.1016/j. clsr.2022.105691</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">Ji, P., Shan, F., Li, F., Sun, H., Wang, M., &amp; Shan, D. (2023). Adaptive Sensitive Information Recognition Based on Multimodal Information Inference in Social Networks. Security and Communication Networks, 2023(1), 5627246. https://doi.org/10.1155/2023/5627246</mixed-citation><mixed-citation xml:lang="en">Liu, Y., Yang, C., Liu, Q., Xu, M., Zhang, C., Cheng, L., &amp; Wang, W. (2024). PDPHE: Personal Data Protection for Trans-Border Transmission Based on Homomorphic Encryption. Electronics, 13(10), 1–23. https://doi.org/10.3390/electronics13101959</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">Jurcys, P., Corrales, M. C., &amp; Fenwick, M. (2022). The future of international data transfers: Managing legal risk with a ‘user-held’ data model. Computer Law &amp; Security Review, 46, 105691. https://doi.org/10.1016/j.clsr.2022.105691</mixed-citation><mixed-citation xml:lang="en">Pascual, H. A., Del Alamo, J., Rodríguez, D. T., &amp; Dueñas, J. (2024). Hunter: Tracing anycast communications to uncover cross-border personal data transfers. Computers &amp; Security, 141, 103823. https://doi.org/10.1016/j.cose.2024.103823</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">Liu, Y., Yang, C., Liu, Q., Xu, M., Zhang, C., Cheng, L., &amp; Wang, W. (2024). PDPHE: Personal Data Protection for Trans-Border Transmission Based on Homomorphic Encryption. Electronics, 13(10), 1–23. https://doi.org/10.3390/electronics13101959</mixed-citation><mixed-citation xml:lang="en">Romansky, R. P., &amp; Noninska, I. S. (2020). Challenges of the digital age for privacy and personal data protection. Math Biosci Eng, 17(5), 5288–5303. https://doi.org/10.3934/mbe.2020286</mixed-citation></citation-alternatives></ref><ref id="cit16"><label>16</label><citation-alternatives><mixed-citation xml:lang="ru">Pascual, H. A., Del Alamo, J., Rodríguez, D. T., &amp; Dueñas, J. (2024). Hunter: Tracing anycast communications to uncover cross-border personal data transfers. Computers &amp; Security, 141, 103823. https://doi.org/10.1016/j.cose.2024.103823</mixed-citation><mixed-citation xml:lang="en">Rowe, H. (2003). Data transfer to third countries: Transfers of personal data to third countries: the role of binding corporate rules. Computer Law &amp; Security Review, 19(6), 490–496. https://doi.org/10.1016/S0267-3649(03)00609-5</mixed-citation></citation-alternatives></ref><ref id="cit17"><label>17</label><citation-alternatives><mixed-citation xml:lang="ru">Romansky, R. P., &amp; Noninska, I. S. (2020). Challenges of the digital age for privacy and personal data protection. Math Biosci Eng, 17(5), 5288–5303. https://doi.org/10.3934/mbe.2020286</mixed-citation><mixed-citation xml:lang="en">Smolenskij, M. B., &amp; Levshin, N. S. (2016). Localization of personal data of Russian citizens as a component of Russia’s economic and national security. Nauka i obrazovanie: khozyajstvo i ekonomika, predprinimatelstvo, pravo i upravlenie, 2(69), 111–114. (In Russ.).</mixed-citation></citation-alternatives></ref><ref id="cit18"><label>18</label><citation-alternatives><mixed-citation xml:lang="ru">Rowe, H. (2003). Data transfer to third countries: Transfers of personal data to third countries: the role of binding corporate rules. Computer Law &amp; Security Review, 19(6), 490–496. https://doi.org/10.1016/S0267-3649(03)00609-5</mixed-citation><mixed-citation xml:lang="en">Veseliczky, O. I. (2015). Issues of cross-border transfer of personal data in accordance with the requirements of 242-FZ. Collections of conferences of the Sotsiosfera SIC, 53, 275–279. (In Russ.).</mixed-citation></citation-alternatives></ref><ref id="cit19"><label>19</label><citation-alternatives><mixed-citation xml:lang="ru">Yan, S., Odom, P., Pasunuri, R., Kersting, K., &amp; Natarajan, S. (2023). Learning with privileged and sensitive information: a gradient-boosting approach. Frontiers in Artificial Intelligence, 6, 1260583. https://doi.org/10.3389/frai.2023.1260583</mixed-citation><mixed-citation xml:lang="en">Yan, S., Odom, P., Pasunuri, R., Kersting, K., &amp; Natarajan, S. (2023). Learning with privileged and sensitive information: a gradient-boosting approach. Frontiers in Artificial Intelligence, 6, 1260583. https://doi.org/10.3389/frai.2023.1260583</mixed-citation></citation-alternatives></ref><ref id="cit20"><label>20</label><citation-alternatives><mixed-citation xml:lang="ru">Zheng, G. (2021). Trilemma and tripartition: The regulatory paradigms of cross-border personal data transfer in the EU, the U.S. and China. Computer Law &amp; Security Review, 43, 105610. https://doi.org/10.1016/j.clsr.2021.105610</mixed-citation><mixed-citation xml:lang="en">Zheng, G. (2021). Trilemma and tripartition: The regulatory paradigms of cross-border personal data transfer in the EU, the U.S. and China. Computer Law &amp; Security Review, 43, 105610. https://doi.org/10.1016/j.clsr.2021.105610</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
