Article summary
Information Law analysis: The judgment from the Court of Justice in Data Protection Commissioner v Facebook Ireland Ltd, Maximillian Schrems, Case C-311/18 (commonly known as ‘Schrems II’) raised the bar for transfers of personal data to third countries under the General Data Protection Regulation, Regulation (EU) 2016/679 (GDPR) by making clear that where Standard Contractual Clauses (SCCs) and other appropriate safeguards are being used, a level of due diligence needs to take place before any transfer can be made. This is to ensure that personal data originating in the EEA always carries with it protections which are essentially equivalent to those in the EEA. To help data exporters in that assessment, the European Data Protection Board (EDPB) has now issued guidance (Recommendations 01/2020) on how to carry out the due diligence exercise in practice and the supplementary measures which can be used to help achieve compliant transfers. Miriam Everett, partner and head of Data Protection and Privacy and Hannah...
To continue reading this news article, as well as thousands of others like it, sign in with LexisNexis or register for a free trial
Access this content for free with a 7 day trial of LexisNexis and benefit from:
- Instant clarification on points of law
- Smart search
- Workflow tools
- 42 practice areas
Get your quote today and take step closer to being able to benefit from:
- Instant clarification on points of law
- Smart search
- Workflow tools
- 36 practice areas
Get a quote for Lexis+
* denotes a required field
CONTACT US
