Barry Sookman
  • Bio & expertise
    • Bio
    • Technology & Internet Lawyer
    • Copyright and Intellectual Property Lawyer and Litigator
    • Privacy & CASL
    • Government Relations
    • Rankings
  • Books & Articles
  • Speeches & Media
  • Terms
    • Privacy Policy
This site is about technology, copyright, and privacy Law
Barry Sookman
Barry Sookman
  • Bio & expertise
    • Bio
    • Technology & Internet Lawyer
    • Copyright and Intellectual Property Lawyer and Litigator
    • Privacy & CASL
    • Government Relations
    • Rankings
  • Books & Articles
  • Speeches & Media
  • Terms
    • Privacy Policy
Subscribe
  • Privacy

EU-US Privacy Shield invalid: Schrems II

  • July 16, 2020
  • Barry Sookman
Total
0
Shares
0
0
0

In a bombshell decision in Schrems II released earlier today, the Court of Justice of the European Union (CJEU) found that the Commission decision finding the EU-US Privacy Shield to be adequate for transferring personal data to the U.S. is invalid. In what can only be seen as a double whammy, the CJEU also ruled that transferring personal data to the U.S. pursuant to standard data protection clauses adopted by the Commission could also be found to be invalid by local data protection authorities. For more detail about the decision, see the blog post by Michael Scherman and Keith Rose of McCarthy Tetrault, Schrems II: The Saga Continues.

The Schrems II decision followed the 2015 Schrems I decision of the CJEU that struck down the framework that underpinned the EU-US privacy safe harbor.

The Schrems II decision will have significant consequences for transfers of personal information from the EU to the U.S. It will directly affect Canadian companies including multinationals that do business in the U.S. and transfer personal information to the U.S. from the EU for processing or other uses. The decision also reinforces the risk that arose after Schrems I that the adequacy finding PIPEDA enjoys will one day be revisited.

Companies that transfer personal data from the U.S. should review the basis for the transfers. This should include reviewing major agreements with processors, outsourcers and hosting providers to ensure that all transfers to the U.S. may be lawfully continued.

For questions about the implications of the Schrems II decision, you may want to call a lawyer in the McCarthy Tetrault Cybersecurity, Privacy & Data Management group.

Related

Total
0
Shares
0
0
0
0
Related Topics
  • data transfers from the EU
  • Privacy Shield
  • Schrems
Previous Article
Dynamic blocking order
  • CASL
  • Copyright
  • making available right

Court of Appeal rules CASL is constitutional and releases decision on the making available right

  • June 5, 2020
  • Barry Sookman
View Post
Next Article
  • Privacy

Privacy developments: OPC Privacy Guide for Businesses and Ontario privacy consultation

  • August 17, 2020
  • Barry Sookman
View Post

Subscribe

Subscribe now to our newsletter

You May Also Like
Digital Charter Implementation Act and CPPA
View Post
  • CPPA
  • Privacy

CPPA: problems and criticisms – automated decision making

  • Barry Sookman
  • December 18, 2022
Digital Charter Implementation Act and CPPA
View Post
  • CPPA
  • PIPEDA
  • Privacy

CPPA: problems and criticisms – anonymization and pseudonymization of personal information

  • Barry Sookman
  • December 5, 2022
Digital Charter Implementation Act and CPPA
View Post
  • CPPA
  • PIPEDA
  • Privacy

CPPA: problems and criticisms – service provider obligations

  • Barry Sookman
  • November 13, 2022
Digital Charter Implementation Act and CPPA
View Post
  • CPPA
  • Privacy

CPPA: problems and criticisms – appropriate purposes

  • Barry Sookman
  • October 31, 2022

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe

Subscribe now to our newsletter

Barry Sookman
This site is about technology, copyright, and privacy Law

Input your search keywords and press Enter.

We may be using cookies to give you the best experience on our website.

 

Barry Sookman
Powered by  GDPR Cookie Compliance
Privacy Overview

This website may use cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.