ARTICLE
23 July 2020

GDPR Update: Top EU Court Strikes Down Validity Of EU-US Privacy Shield Framework; Upholds Standard Contractual Clauses

WB
Womble Bond Dickinson

Contributor

Womble Bond Dickinson logo

Being different is our normal way of working. It's not just what we do, it's how we do it.

You'll benefit from more than just the skills and know-how you'd expect from a pioneering law firm; our technology specialists, process and project management leaders, accountants and tax advisers work alongside lawyers with specialist sector expertise – from business to government.

Working side by side, we'll find clever solutions to your age-old problems.

With 1,300 professionals across 39 offices in the US and UK, we're equipped to tackle mission-critical challenges, wherever you do business.

Want the proof? It's in our track record. With our straight-talking, entrepreneurial approach, we’ve set new industry precedents, achieved market firsts and delivered trailblazing work for our clients.

So, whatever your future holds, we're here for you with A Point of View Like No Other.

Explore Firm Details
Today, July 16, 2020, the EU's top court, the Court of Justice of the European Union (CJEU), issued its highly anticipated decision in the Schrems II case.
United States Privacy
Tara N. Cho,Theodore F. Claypoole,Taylor Ey
+2 Authors
 Your Author LinkedIn Connections
Womble Bond Dickinson are most popular:
  • within Law Department Performance, Family and Matrimonial and Real Estate and Construction topic(s)
  • with Senior Company Executives, HR and Finance and Tax Executives
  • with readers working within the Property industries

Today, July 16, 2020, the EU's top court, the Court of Justice of the European Union (CJEU), issued its highly anticipated decision in the Schrems II case. In doing so, CJEU has invalidated the EU-US Privacy Shield Framework and held that its prior decision regarding Standard Contractual Clauses (SCCs) remains valid. Following this decision, US businesses can no longer rely on the EU-US Privacy Shield Framework as a legal mechanism for transferring personal data from the European Economic Area (EEA) to the US. However, companies can still leverage the SCCs in certain instances. The decision highlighted the requirement for the data exporter to ensure adequate levels of protections are in fact in place prior to transfers.

This decision takes away from an already shorter list of available mechanisms for transfers between processors. Now processors who previously relied on the EU-US Privacy Shield Framework will need to quickly identify a new mechanism to support legal transfers to the US under the GDPR. The continued validity of the SCCs leaves a gap for processor-to-processor transfers because the currently available SCCs do not expressly cover those types of transfers.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Photo of Tara N. Cho
Tara N. Cho
Photo of Theodore F. Claypoole
Theodore F. Claypoole
Photo of Nadia Aram
Nadia Aram
Photo of Taylor Ey
Taylor Ey
Photo of Dominic D. Panakal
Dominic D. Panakal
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More