This panel will explore whether the situation post-Schrems II is sustainable, and consider the implications for practically every business in the EEA.
Schrems II invalidated Privacy Shield, and it also revealed the extent to which US national security law is incompatible with EU fundamental rights. The upcoming Trans Atlantic Data Privacy Framework might provide sme relief for organisations engaged in EU-US data transfers—but for how long? The question mark over moving to standard contractual clauses (SCCs) has left many companies struggling to find a way to lawfully facilitate transfers to the US. And recent decisions involving Google Analytics and other US services have shown DPAs’ willingness to enforce the EU’s strict data transfer rules. This panel will explore whether the situation post-Schrems II is sustainable, and consider the implications for practically every business in the EEA.