On July 10, 2023, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework. It came after 18 months of negotiations following the invalidation of its predecessor, the EU-US Privacy Shield. The EU-US DPF restores an important mechanism for the cross-border transfer of personal data and introduces limitations on US surveillance agencies’
The European Commission’s adequacy decision for the EU-US Data Privacy Framework is the latest chapter in the story of trans-Atlantic data transfers. While the adoption of such a decision has been long anticipated, its arrival has thrown up several questions about applicability, certification, impact, and other poignant topics related to the framework. These are your
Transferring personal data internationally is a central aspect of today’s global digital economy. Recent case law has meant that data transfers under the GDPR have become one of the most scrutinised and most discussed areas of privacy and data protection compliance, making it a complex space to navigate. This eBook offers information on the means
Understanding the complex data transfer landscape requires organizations to stay up-to-date with a growing list of localization obligations, which restrict their ability to transfer personal data outside of certain jurisdictions. Download this infographic from OneTrust for an overview of data localization trends across the world, commonly regulated data types, and a snapshot of some of
The data transfer landscape has changed markedly since the CJEU’s judgment in the Schrems II case. The decision invalidated the EU-US Privacy Shield and cast doubt over the effectiveness of the European Commission’s existing Standard Contractual Clauses (SCCs). In the fallout from the decision, the European Commission issued a revised set of SCCs for organizations