November 9, 2020

09 November 2020

European Data Protection Supervisor Issues Schrems II Guidelines

Following the Court of Justice of the European Union’s (“CJEU”) decision in Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems on 16 July 2020 (“Schrems II”), the European Data Protection Supervisor, tasked with overseeing compliance with EU data protection laws by the EU institutions (“EUIs” and “EDPS”), issued guidance on 29 October 2020 on how EU institutions should comply with the Schrems II ruling (“EDPS Guidance”).  In Schrems II, the CJEU invalidated the EU-U.S. Privacy Shield program and potentially required additional protections to be implemented when Standard Contractual Clauses are used.  Both are key legal mechanisms used to enable transfers of personal data outside the EU.


XSLT Plugin by BMI Calculator