On 19 November, the CNIL released an article in order to provide companies impacted by the recent CJEU ruling on invalidation of Safe Harbor with guidance on the next steps. The article was published at the same time the CNIL sent a mailing to all data controllers relying on Safe Harbor to fix the issue.

The CNIL contemplates all possible schemes to legally frame the transfer of data to the U.S. The CNIL stated that a practical solution for affected companies would be to implement the EU model clauses, as they are more likely to be a quick fix to the Safe Harbor invalidation than the BCRs. This recommendation should be read in conjunction with the end of January 2016 deadline imposed on impacted companies.

Click here to read more in the issued Client Alert.