European companies that routinely transfer data to U.S. need to urgently rethink and rework their data transfer strategy following court ruling

A privacy watchdog from the European Union has warned, companies who are typically transfer data to the United States must revert to new arrangements with immediate effect.

The development comes in the wake of the Privacy Shield transatlantic pact being declared invalid last week.

The lack of a grace period in the court’s ruling means companies will have to use alternatives that carry greater risk and thus perhaps it would be prudent if they store and administer their data outside the United States.

Last week, Europe’s highest court cited concerns about U.S. surveillance for its ruling, disrupting thousands of companies that had depended on the four-year-old Privacy Shield to transfer Europeans’ personal data for payroll, finance and other uses.

According to the European Data Protection Board (EDPB), companies that transfer data to the United States via standard contractual clauses would have to self-assess whether these have suitable safeguards and inform their national privacy enforcer.

Companies which use binding corporate rules would have to do the same.

Along with the European Commission, the EDPB is now looking into ways to beef up standard contractual clauses and binding corporate rules that could be legal, technical or organisational.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s