On September 23, 2009, the Information Commissioner’s Office (the "ICO"), the UK’s data protection regulator, issued a press release announcing the approval of the Hyatt Hotels Corporation’s binding corporate rules ("BCR") under the new mutual recognition procedure. Hyatt is the first UK applicant to receive approval under the mutual recognition procedure.
Mutual recognition was devised to speed up the process of BCR approval by EU Data Protection Authorities ("DPAs"). Under "mutual recognition," one EU Member State’s DPA acts as the lead authority on a company’s BCR application. Once approved by the lead authority, the other participating members of the procedure automatically approve the BCR application.