Legal News

EDPB guidance on ensuring compliance for international data transfers following Schrems II

Published on: 02 December 2020
imgtext

Article summary

Information Law analysis: The judgment from the Court of Justice in Data Protection Commissioner v Facebook Ireland Ltd, Maximillian Schrems, Case C-311/18 (commonly known as ‘Schrems II’) raised the bar for transfers of personal data to third countries under the General Data Protection Regulation, Regulation (EU) 2016/679 (GDPR) by making clear that where Standard Contractual Clauses (SCCs) and other appropriate safeguards are being used, a level of due diligence needs to take place before any transfer can be made. This is to ensure that personal data originating in the EEA always carries with it protections which are essentially equivalent to those in the EEA. To help data exporters in that assessment, the European Data Protection Board (EDPB) has now issued guidance (Recommendations 01/2020) on how to carry out the due diligence exercise in practice and the supplementary measures which can be used to help achieve compliant transfers. Miriam Everett, partner and head of Data Protection and Privacy and Hannah...

Popular documents