The European Data Protection Board and the European Data Protection Supervisor have adopted a joint opinion on the European Commission Implementing Decision on Standard Contractual Clauses Between Controllers and Processors. The aim is to ensure consistency and a correct application of Article 28 GDPR as regards the presented Draft SCCs that could serve as standard contractual clauses in compliance with Article 28 (7) Regulation (EU) 2016/679 and Article 29 (7) Regulation (EU) 2018/1725 .
The European Commission (EC) has adopted the new standard contractual Clauses between controllers and processor located in the EU open for public feedback until December 10, 2020.
The U.S. Government has prepared the White Paper, which outlines the robust limits and safeguards in the United States pertaining to government access to data.
On July 16, 2020, the Court of Justice of the European Union (CJEU) has invalidated the Privacy Shield Framework with immediate effect and strengthen the requirements for organizations relying on Commission’s Decision 2010/87/EU on controller to processor Standard Contractual Clauses (SCCs) for transfers of personal data to third countries. In the same decision the CJEU took the view that SCCs are still valid. However, the CJEU has stated that individuals whose personal data is transferred to a third country pursuant to SCCs, must enjoy the same level of protection as they would under the privacy laws of the European Union (EU). What should organizations do in the light of the CJEU ruling?
The European Data Protection Board (EDPB) has issued answers to the questions they have received from the EU data protection authorities (DPAs) about the Schrems 2 case. In essence, the EDPB follows the position of the CJEU. If you are still unclear on what to do in the days after the CJEU decision this short summary of the FAQs can help.
The Court of Justice of the European Union (CJEU) has invalidated the EU-US Privacy Shield Framework and found that Standard Contractual Clauses (SCC) for data transfers between EU and non-EU countries are valid. This was the outcome of the CJEU decision C-311/18 – Facebook Ireland and Schrems issued on July 16th 2020.
Subscribe to our newsletter to stay on top of the most relevant news from the privacy world. We might personalize the newsletter based on your interests. Occasionally, these emails may contain commercial offers from us. You may unsubscribe by clicking on the unsubscribe link at the bottom of the marketing email or by writing to us.
We use cookies, but we promise we will not use them for advertising or similar purposes. Right now, we use cookies to ensure that our website is secure enough and we don't display this banner every time you visit us.
You can find more information about cookies we use in our Cookie Policy.
