Companies are allowed to transfer personal data outside the European Economic Area (EEA) if they are (1) transferring data to an entity that is within a country that has been recognized by the European Commission as ensuring an adequate level of protection or (2) they have put in place a European Commission-approved mechanism (a “safeguard”)

Notwithstanding a two-month-long pandemic shutdown, a wave of new legislation has flooded the halls of the California legislature, including four discreet privacy-related bills, each with different objectives and consequences. Upon the closing of the signature period, Gov. Newsom signed only two of the bills into law, vetoing the other two.

Read the full GT Alert,