Summary

This is the second of two podcasts that summarise the ongoing litigation challenging the validity of legal mechanisms for international data transfers from Europe. The so-called ‘Schrems II’ case – Data Protection Commissioner v Facebook Ireland Limited, Maximillian Schrems C-311/18 – has led to the CJEU invalidating the EU-U.S. Privacy Shield. The CJEU decided however that Standard Contractual Clauses remain a valid mechanism. This podcast summarises the ruling.

The cases, EU laws, Commission Decisions and Communications mentioned in this podcast are:

Maxmillian Schrems v Data Protection Commissioner (C-362/14)

The Data Protection Directive 95/46/EC

The General Data Protection Regulation EU 2016/679

The Charter of Fundamental Rights of the European Union 2000

U.S. Foreign Intelligence Surveillance Act 1978

U.S. Executive Order 12333 December 4, 1981

Presidential Policy Directive 28: Signals Intelligence Activities 

Commission Decision 2016/1250

Commission Decision 2010/87

Commission Decision 2016/2297

European Convention on Human Rights and Fundamental Freedoms 1951