The CJEU’s decision in the Schrems II case changed the way organizations now approach international data transfers.   

The invalidation of the EU-US Privacy Shield means that companies must rely on different mechanisms such as Standard Contractual Clauses (SCCs) or other appropriate safeguards for Transatlantic data transfers. In the fallout from the Schrems II case, the European Commission has issued modernized SCCs as well as new adequacy decisions for the UK and the European Data Protection Board have adopted its final guidance on the measures that supplement transfer mechanisms.  

Data Transfers After Schrems II

This video explores what data transfers look like in a post-Schrems world, including:

  • Adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Appropriate Safeguards 
  • EDPB Guidance 
  • Derogations 


Related Resources for Schrems II:

Follow OneTrust on LinkedIn, Twitter, or YouTube for the latest updates on the implications of Schrems II.