Summary of the Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S.Data Transfers after Schrems II

29/09/2020


Summary of the Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S.Data Transfers after Schrems II

The U.S. Government has prepared the White Paper, which outlines the robust limits and safeguards in the United States pertaining to government access to data.


Continue Reading
Five Steps to Take After the Schrems II Decision

06/08/2020


Five Steps to Take After the Schrems II Decision

On July 16, 2020, the Court of Justice of the European Union (CJEU) has invalidated the Privacy Shield Framework with immediate effect and strengthen the requirements for organizations relying on Commission’s Decision 2010/87/EU on controller to processor Standard Contractual Clauses (SCCs) for transfers of personal data to third countries. In the same decision the CJEU took the view that SCCs are still valid. However, the CJEU has stated that individuals whose personal data is transferred to a third country pursuant to SCCs, must enjoy the same level of protection as they would under the privacy laws of the European Union (EU). What should organizations do in the light of the CJEU ruling?


Continue Reading
Summary of the Frequently Asked Questions on the judgment of the Court of Justice of the European Union in the Schrems 2 Case

25/07/2020


Summary of the Frequently Asked Questions on the judgment of the Court of Justice of the European Union in the Schrems 2 Case

The European Data Protection Board (EDPB) has issued answers to the questions they have received from the EU data protection authorities (DPAs) about the Schrems 2 case. In essence, the EDPB follows the position of the CJEU. If you are still unclear on what to do in the days after the CJEU decision this short summary of the FAQs can help.


Continue Reading
The CJEU Decision on the Privacy Shield and Standard Contractual Clauses

22/07/2020


The CJEU Decision on the Privacy Shield and Standard Contractual Clauses

The Court of Justice of the European Union (CJEU) has invalidated the EU-US Privacy Shield Framework and found that Standard Contractual Clauses (SCC) for data transfers between EU and non-EU countries are valid. This was the outcome of the CJEU decision C-311/18 – Facebook Ireland and Schrems issued on July 16th 2020.


Continue Reading