The Court of Justice of the European Union (CJEU)’s historic decision in Schrems II, in which the EU-U.S. Privacy Shield was invalidated, requires businesses to rethink the mechanism they can rely on to transfer personal data from the EU to the United States and other countries. However, how the decision will be enforced remains uncertain.

Despite the invalidation of Privacy Shield, the U.S. Department of Commerce issued a statement that it “will continue to administer the Privacy Shield program, including processing submissions for self-certification and re-certification to the Privacy Shield Frameworks and maintaining the Privacy Shield List.” And although the CJEU’s decision in principle upheld the validity of Standard Contractual Clauses (SCCs), the judgment drew reactions from various EU data protection supervisory authorities (DPAs), some calling into question the use of SCCs for EU to U.S. transfers.

Read the full GT Alert, “The End of Privacy Shield: European Data Protection Authorities React.”

Print:
EmailTweetLikeLinkedIn
Photo of Dr. Viola Bensinger Dr. Viola Bensinger

Viola Bensinger co-chairs the firm’s Data, Privacy & Cybersecurity Practice and she chairs the Technology Practice as well as the Litigation Practice in Germany. She advises clients from the technology, media, health care and other industries.

Within the technology sector, Viola advises international…

Viola Bensinger co-chairs the firm’s Data, Privacy & Cybersecurity Practice and she chairs the Technology Practice as well as the Litigation Practice in Germany. She advises clients from the technology, media, health care and other industries.

Within the technology sector, Viola advises international internet, technology and healthcare companies in the areas of digital products, IT outsourcing, e-commerce, electronic payment, data protection, software licensing as well as digital media.

Photo of Gretchen A. Ramos Gretchen A. Ramos

Gretchen A. Ramos is Co-Chair of the Data, Privacy & Cybersecurity Practice and focuses her practice on privacy, cybersecurity, and information management. A creative problem-solver with a long track record of success in commercial disputes, she never loses sight of the simple fact…

Gretchen A. Ramos is Co-Chair of the Data, Privacy & Cybersecurity Practice and focuses her practice on privacy, cybersecurity, and information management. A creative problem-solver with a long track record of success in commercial disputes, she never loses sight of the simple fact that she works in a service industry. Clients appreciate not only her legal skills, but also her direct, no-nonsense approach to client service, including her bullet-pointed emails, snapshot executive summaries, and creativity in finding ways to streamline communications for in-house counsel with dozens of other projects—and little time—on their hands.

Gretchen’s clients come from diverse industries, including technology (SaaS), health care and life sciences, consumer products, manufacturing, academic institutions, and non-profits. She provides clients with practical business advice on compliance with state and federal U.S. laws, GDPR, APEC, and other global privacy laws in relation to their external and internal privacy and security procedures, product and app development, and advertising practices. Gretchen also regularly drafts and negotiates contracts concerning data-related vendors, assists clients in assessing privacy risks in corporate transactions, and provides guidance on and conducts privacy and security assessments. She has managed dozens of data breaches, and helps clients prepare for and immediately respond to security incidents and breaches.

Photo of Carsten A. Kociok Carsten A. Kociok

Carsten Kociok focuses his practice on the technology industry. He has broad experience in the areas of Internet, information technology, electronic and mobile payments and new media, as well as regulatory and data protection law issues.

Photo of Dr. Johanna Hofmann Dr. Johanna Hofmann

Johanna Hofmann advises German and international companies and groupt of companies on all questions of data protection and IT security law. The focus of her work is on the data protection-compliant structuring of existing and future business relationships, both on a national and…

Johanna Hofmann advises German and international companies and groupt of companies on all questions of data protection and IT security law. The focus of her work is on the data protection-compliant structuring of existing and future business relationships, both on a national and international level. Her field of interest lays in particular in the field of cloud computing, data protection certification and data security management. Through long-term secondments at a German group of companies and at the German subsidiary of a US-American technology group, Johanna has gained deep insights into different kinds of group-wide data protection organizations.

Before joining Greenberg Traurig Johanna worked with CMS Hasche Sigle in Munich for over two years. Prior to this, for several years she was a member of the project group for constitutionally compatible technology design and was in charge of an interdisciplinary research project on the dynamic data protection and IT security certification of cloud computing services.