Transferring data to the US just became more complicated
The ECJ has just struck down the mechanism known as the Privacy Shield, the method designed by the US Government for legalising the transfer of personal data from the EU to the US. This is not the first time it has happened, as the previous incarnation known as, “Safe Harbour,” was also declared unsafe by the European court. In both cases, Max Schrems of NOYB, was the Jerry to the US’s Tom.
What it means is that there are over 5,000 US companies that have a major headache as they must stop transferring personal data to their US computers immediately.
What it also means is that they have to put in place new approved mechanisms such as the EU’s own Standard Contractual Clauses or Binding Corporate Rules or try to rely on one of the GDPR Article 49 derogations (which is not easy at all).
If your business transfers data to the USA then talk to us now to see what you can do.
Brexit is going to cause similar issues, because if the UK does not get what is called a decision of adequacy, then we will also have to put in place legal mechanisms to legalise the transfer of data to and from the EU, let alone what will be required to transfer it to the USA. It might be wise to be Jerry now and talk to us to avoid the traps that are coming.
For more information and support please contact our GDPR Specialist:
Ian Sinclair-FordGDPR Specialistian.email@example.comT: 0151 305 9650 | M: 07786 394 679