Send us Fan Mail

On 21 June 2021, the European Data Protection Board (EDPB) released the long-awaited updated Recommendations on possible supplementary measures when transferring personal data out of the European Economic Area (EEA). These Recommendations align with the new Standard Contractual Clauses for International Transfers that were released by the European Commission on 4 June 2021 and require organisations to conduct third country risk assessments before transferring personal data. In this episode, Paul Breitbarth and K Royal discuss the details of the new European guidance, but also comment on how to do all this work in practice. Is it for example reasonable to expect such detailed assessments from companies? Is the risk-based approach really back? And how does all of this guidance relate to the whole debate about the scope of application of the GDPR. The lawyers in Paul certainly don’t seem to agree on the interpretation of the GDPR… 

As always, if you have any questions or comments, please feel free to contact us at [email protected]. In addition, if you like our podcast, please do rate and comment on our program in your favourite podcast app.

Resources

• TrustArc has a website providing further guidance on International Data Transfers 
• Paul and K are doing a webinar on International Transfers on 30 June 2021 at 11am ET. You can register here.

If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email [email protected]. Rate and Review us!

From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.