Tag Archives: Schrems II

New automated data transfer tool launched

By Cynthia O’Donoghue and Dr. Andreas Splittgerber on 13 August 2021 Posted in Privacy & Data Protection

Reed Smith announced the launch of DaTA Transfer Pathway, an innovative new automated data transfer tool designed to assist organisations comply with recent changes in EU case law and EU data protection guidelines. Stemming from the Court of Justice of the European Union’s (CJEU) Schrems II decision relating to EU-US data transfers and in light … Continue Reading

EDPB adopts final recommendations on Supplementary Measures nearly a year after the CJEU’s Schrems II ruling

By Cynthia O’Donoghue, Dr. Andreas Splittgerber, Asel Ibraimova and Christian Leuthner on 6 July 2021 Posted in Privacy & Data Protection

The European Data Protection Board (EDPB) adopted final Recommendations on Supplementary Measures (Recommendations) for data transfers to third countries, published in response to the CJEU ruling in Schrems II. The Recommendations contain a six-step methodology to assess transfers of personal data from the EEA to those countries outside the EEA that have not been approved … Continue Reading

DPC’s authority to inquire into the EU-U.S. data transfers confirmed by the Irish High Court

By Cynthia O’Donoghue and Asel Ibraimova on 24 May 2021 Posted in Privacy & Data Protection

On 14th May 2021, the Irish High Court (High Court) dismissed a legal challenge brought against the Irish Data Protection Commission (DPC) concerning its inquiry and a preliminary draft decision to suspend the EU-U.S. data transfers of personal data of an applicant organisation. Background These proceedings follow on from Schrems II decision of the Court … Continue Reading

Aftermath of Schrems II decision in France: The French Council of State provides significant clarification on the U.S. based data host to provide services in the French health care sector

By Daniel Kadar, Stéphanie Abdesselam and Laetitia Gaillard on 29 March 2021 Posted in Global Data Transfers, Privacy & Data Protection, Regulatory

On March 12, 2021, the French Council of State (Conseil d’Etat), the highest French administrative court, handed down a ruling (ordonnance des référés) allowing Doctolib, a company in charge of booking COVID-19 vaccination appointments, to rely on a U.S.-based health data host. In the present case, the servers of Doctolib – whose platform had been … Continue Reading

The European Data Protection Board releases recommendations on supplementary measures following the Schrems II decision

By Cynthia O’Donoghue and Sarah O'Brien on 18 November 2020 Posted in Privacy & Data Protection

On 11 November 2020, the European Data Protection Board (EDPB) released recommendations on supplementary measures for international transfers (here) and recommendations on the European Essential Guarantees for surveillance measures (here), following the Schrems II decision (see our previous blog here). As a result of the Schrems II decision, data exporters who use certain transfer mechanisms as an appropriate … Continue Reading

First official guidance on international data transfers post Schrems II – German data protection authority publishes checklist and action items on international data transfers

By Dr. Andreas Splittgerber and Arne Senger on 7 October 2020 Posted in Global Data Transfers, Regulatory

The German data protection authority of the federal state of Baden-Württemberg (LfDI BW) has issued detailed guidance (Guidance) on international data transfers this August and September. This is the first official guidance by a data protection authority following the decision of the Court of Justice of the European Union (CJEU) in the Schrems II case … Continue Reading