The arrival of the new EU Standard Contractual Clauses (“EU SCCs”) for international transfers in June 2021 was widely awaited to better understand the new requirements to assess the third-country laws for government access to data prior to using the SCCs following the Court of Justice of the European Union’s (“CJEU”) decision on Schrems II. … Continue Reading
Reed Smith announced the launch of DaTA Transfer Pathway, an innovative new automated data transfer tool designed to assist organisations comply with recent changes in EU case law and EU data protection guidelines. Stemming from the Court of Justice of the European Union’s (CJEU) Schrems II decision relating to EU-US data transfers and in light … Continue Reading
The European Data Protection Board (EDPB) adopted final Recommendations on Supplementary Measures (Recommendations) for data transfers to third countries, published in response to the CJEU ruling in Schrems II. The Recommendations contain a six-step methodology to assess transfers of personal data from the EEA to those countries outside the EEA that have not been approved … Continue Reading
On 14th May 2021, the Irish High Court (High Court) dismissed a legal challenge brought against the Irish Data Protection Commission (DPC) concerning its inquiry and a preliminary draft decision to suspend the EU-U.S. data transfers of personal data of an applicant organisation. Background These proceedings follow on from Schrems II decision of the Court … Continue Reading
On March 12, 2021, the French Council of State (Conseil d’Etat), the highest French administrative court, handed down a ruling (ordonnance des référés) allowing Doctolib, a company in charge of booking COVID-19 vaccination appointments, to rely on a U.S.-based health data host. In the present case, the servers of Doctolib – whose platform had been … Continue Reading
On 11 November 2020, the European Data Protection Board (EDPB) released recommendations on supplementary measures for international transfers (here) and recommendations on the European Essential Guarantees for surveillance measures (here), following the Schrems II decision (see our previous blog here). As a result of the Schrems II decision, data exporters who use certain transfer mechanisms as an appropriate … Continue Reading
The German data protection authority of the federal state of Baden-Württemberg (LfDI BW) has issued detailed guidance (Guidance) on international data transfers this August and September. This is the first official guidance by a data protection authority following the decision of the Court of Justice of the European Union (CJEU) in the Schrems II case … Continue Reading