Podcast: Schrems II, the EU-US Privacy Shield, SCCs, and the CJEU


This is the second of two podcasts that summarise the ongoing litigation challenging the validity of legal mechanisms for international data transfers from Europe. The so-called ‘Schrems II’ case – Data Protection Commissioner v Facebook Ireland Limited, Maximillian Schrems C-311/18 – has led to the CJEU invalidating the EU-U.S. Privacy Shield. The CJEU decided however that Standard Contractual Clauses remain a valid mechanism. This podcast summarises the ruling.

The cases, EU laws, Commission Decisions and Communications mentioned in this podcast are:

Maxmillian Schrems v Data Protection Commissioner (C-362/14)

The Data Protection Directive 95/46/EC

The General Data Protection Regulation EU 2016/679

The Charter of Fundamental Rights of the European Union 2000

U.S. Foreign Intelligence Surveillance Act 1978

U.S. Executive Order 12333 December 4, 1981

Presidential Policy Directive 28: Signals Intelligence Activities 

Commission Decision 2016/1250

Commission Decision 2010/87

Commission Decision 2016/2297

European Convention on Human Rights and Fundamental Freedoms 1951