The impetus to conduct a Data Transfer Impact Assessment (TIA) comes from three legal authorities: (1) the European Court of Justice’s recommendation in Schrems II that the parties to a transfer verify on a case-by-case basis whether the “law of the third country of destination ensures adequate protection . . . of personal data transferred
