Threat D.GDPR.DSHuoO.1

URI: D.GDPR.DSHuoO.1

Package: GDPR

Description: Personal data Data related to DataSubject is communicated across borders: since the data subject DataSubject is subject to the GDPR, their data Data it should not be communicated via process Process in jurisdiction RemoteJurisdiction that does not enforce the GDPR or equivalent protection, without suitable protection measures.

Threat Type: Primary Threat

Matching Pattern:

MP-DSHuoO

Finds personal data being communicated across a border, to a process that is an intermediary (not the final destination) and optionally has an operator organisation.

(empty)

CSG-GDPRAtSubject

(empty)

CSG-DataFlowEncryptionToProcess	The data *Data* sent by *FlowsFrom* to *Process* is encrypted end-to-end (i.e. not relying on transport level encryption).
CSG-GDPRAtRemoteJurisdiction	The jurisdiction *RemoteJurisdiction* is subject to the GDPR.
CSG-GDPRPrivacyShieldAtOrganisation	Organisation *Operator* has Privacy Shield status under the GDPR, i.e. they are committed to respect and uphold the GDPR when handling personal data from EU citizens and residents, even though they are based outside the EU.

Threat D.GDPR.DSHuoO.1

MP-DSHuoO

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (1)

Misbehaviour Sets (0)

Control Strategies (3)