In July 2020, the Court of Justice of the European Union (CJEU) declared that the EU-US Privacy Shield was no longer valid as a lawful personal data transfer mechanism. In addition, the CJEU clarified that organizations using standard contractual clauses (SCCs) to transfer personal data must evaluate the level of the adequate data protection in the third country (i.e., destination country). The CJEU’s invalidation of the Privacy Shield has serious impacts on EU-US data flows because so many organizations relied on that framework to transfer personal data lawfully. As a result, these impacts are not only immediate, but also require a lot of work.
Join us for a webinar as our experts discuss why your business should start with its data map for quick compliance and the steps you can take to get an understanding of the extent of personal data your business is currently transferring between the EU/EEA and the United States on the basis of the EU-US Privacy Shield, SCCs, or BCRs.