As we all know, the EU-U.S. Privacy Shield framework, the cross-border transfer mechanism relied upon by over 5,000 U.S. entities until just over a month ago, was recently invalidated by the CJEU in the Schrems II case (see here for our last post following the ruling). So what next?
Continue Reading Addressing Cross-Border Transfers from the EU Following the Schrems II Ruling
data transfers
Schrems II: EU Personal Data Transfers to the U.S. and the Invalidation of the Privacy Shield
By Céline Guillou & Chiara Portner on
Despite three annual reviews by European Union Commissioners, the European Court of Justice (CJEU) invalidated the Privacy Shield and called into question many transfers of personal data pursuant to the Standard Contractual Clauses on July 16. At stake are transfers of EU personal data to thousands of U.S. companies that rely on personal data being transferred from the EU. The case is colloquially known as “Schrems II” as it is the second case involving Maximillian Schrems (Case C-311/18 Data Protection Commissioner v Facebook Ireland and Maximillian Schrems). Mr. Schrems’ first case resulted in an invalidation of the EU-US Safe Harbor, the Privacy Shield’s predecessor in 2015.
Continue Reading Schrems II: EU Personal Data Transfers to the U.S. and the Invalidation of the Privacy Shield