The Berlin Commissioner for Data Protection and Freedom of Information published guidance for international data transfers according to the Court of Justice of the European Union's "Schrems II" ruling. The state regulator outlined transfer requirements under the EU General Data Protection Regulation while explaining the current legal landscape around global transfers, with particular focus on transfers to the U.S. and the lack of legal bases for transfers. Additionally, the guidance detailed the data transfer audits it has carried out in the wake of the CJEU decision.
Berlin DPA offers cross-border data transfer guidance
RELATED STORIES
Privacy in Arkansas: Is Arkansas ready for a consumer privacy law?
A view from DC: CFPB calls for states to regulate financial privacy
Notes from the IAPP Canada: OPC's WADA investigation 'raises some interesting issues'
A view from Brussels: European Commission's new tech policy center of gravity
First fine imposed under Thailand's Personal Data Protection Act