The digital era shows an unprecedented worldwide flow of data within multinational companies and their external service providers. Binding Corporate Rules (BCRs) are designed to allow these companies to transfer personal data across borders in compliance with EU Data Protection Law. This is the first work to give an in-depth assessment of the BCR regime. It discusses the origins of the regime and the material requirements of BCR, as well as how they should be applied in practice and made binding on the companies and employees. It also covers how BCRs may provide for enforceable rights for the beneficiaries of the regime and how they should be brought in line with requirements of European rules on private international law. The work also analyses a number of significant academic debates in the areas of transnational private regulation and data protection. It reflects on the debates as to the legitimacy of transnational private regulation as a method of regulating corporate conduct and also focuses on the merits and shortcomings of BCR as a method for regulating global data transfers. This book is essential reading for those who need to understand more about the BCR regime, and require insight into how cross-border data transfers could be better protected in the future.