The Berlin Commissioner for Data Protection and Freedom of Information published guidance for international data transfers according to the Court of Justice of the European Union's "Schrems II" ruling. The state regulator outlined transfer requirements under the EU General Data Protection Regulation while explaining the current legal landscape around global transfers, with particular focus on transfers to the U.S. and the lack of legal bases for transfers. Additionally, the guidance detailed the data transfer audits it has carried out in the wake of the CJEU decision.
Berlin DPA offers cross-border data transfer guidance
RELATED STORIES
Controllers, processors and subprocessors in chains
Notes from the IAPP Canada: Recommendations, calls to reform Privacy Act 'a good start'
A view from DC: Marriott and the minimum extent necessary
Retrospective: 2024 in state sectoral privacy law and AI law
Notes from the Asia-Pacific region: India's PM talks global governance for digital technology