To print this article, all you need is to be registered or login on Mondaq.com.
On December 13, 2022, the European Commission published its draft adequacy decision
recognizing the essential equivalence of U.S. data protection
standards, laying the foundations for finalization of the European
Union (EU)-U.S. Data Privacy Framework and unhampered cross-border
data flows between the EU and the U.S.
By way of background, on January 16, 2020, the EU’s highest
court, the Court of Justice of the European Union (CJEU), rendered
its decision in the Schrems II case (Case C-311/18),
declaring that the EU-U.S. Privacy Shield is invalid because it
does not provide an adequate level of protection for the transfer
of personal data from the EU to the U.S. The CJEU did, however,
uphold the validity of standard contractual clauses (SCCs) with
certain caveats. In response to this decision, the U.S. Secretary of Commerce Wilbur Ross said
that the U.S. Department of State was “disappointed” and
had been corresponding with European Commission and European Data
Protection Board on this matter. Subsequently, the White House
issued an executive order committing to balance U.S.
foreign intelligence agencies access to personal data against the
privacy of EU citizens.
On January 17, 2023, the European Data Protection Board reported that it would use its next plenary
meeting to discuss the proposed EU-U.S. Data Privacy Framework.
This is an important next step in cementing the proposed EU-U.S.
Data Privacy Framework and maintaining the $7.1 trillion
transatlantic economic relationship.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.