As discussed more fully in Phillip Lytle's previous client alert, the Court of Justice of the European Union (CJEU) recently invalidated the EU-U.S. Privacy Shield Program (“Schrems II decision”), one such derogation that was relied upon by over 5,300 United States organizations to facilitate cross-Atlantic data transfers. The decision also analyzed the use of standard contractual clauses (SCCs), another means by which data controllers and processors facilitate data transfers from the EEA to countries that are not deemed to have an adequate level of protection, by contractually guaranteeing a certain level of protection.
Read the full article here.
Comments