2020 has seen data protection mechanisms which European companies rely upon the subject of seismic changes the ramifications of which will be felt for many years to come.
In July 2020 the Court of Justice of the European Union handed its judgment in the Schrems II case, invalidating the Privacy Shield and finding that additional safeguards to legitimise transfers from Europe to third countries may be needed. Since then, the European Data Protection Board (EDPB) has published draft guidance on the additional safeguards and the European Commission (EC) has proposed replacement Standard Contractual Clauses (SCC’s) as well as new standard processor clauses to comply with Article 28 of the GDPR. All are currently the subject of short consultation processes.
On Thursday 3 December, members of Bird & Bird’s International Data Protection Group will be hosting a webinar to give you an update on the EDPB’s draft guidance and the EC’s proposed SCCs and Article 28 clauses, and to discuss their potential implications.