Resource Center / Tools and Trackers / DPA and government guidance on ‘Schrems II’
DPA and government guidance on ‘Schrems II’
This resource tracks DPA and government guidance on 'Schrems II.'
Last updated: September 2021
On July 16, 2020, the Court of Justice of the European Union handed out its decision on Case C311-18 Data Protection Commission vs. Facebook Ireland, Max Schrems. The historic ruling invalidated the EU-U.S. Privacy Shield framework and validated standard contractual clauses with an additional layer of requirements when exporting EU citizens’ data to a third country. The invalidation of Privacy Shield and the additional requirements for SCCs have created uncertainty for organizations using these data transfer mechanisms. In response, data protection authorities and government agencies are publishing initial guidance for how to handle the post-“Schrems II” data transfer world.
This resource tracks DPA and government guidance on 'Schrems II.'
If you are aware of existing DPA or government guidance not yet included on this page, please let us know at research@iapp.org.
DPA and government guidance on ‘Schrems II’
-
expand_more
European Commission -
expand_moreEuropean Data Protection Board
-
expand_moreEuropean Data Protection Supervisor
-
expand_more
Czech Republic -
expand_more
Denmark -
expand_more
Estonia -
expand_more
Finland -
expand_more
France -
expand_more
Germany- Baden-Württemberg: View Guidance
- Berlin: View Guidance
- Federal: View Guidance
- Hamburg: View Guidance
- Rhineland-Palatinate: View Guidance, View FAQ
- Thuringia: View Guidance
- Conference of German DPAs: View Guidance
-
expand_more
Ireland -
expand_more
Italy -
expand_more
Liechtenstein -
expand_moreLithuania
-
expand_more
Netherlands -
expand_more
Norway -
expand_more
Poland -
expand_more
Slovenia -
expand_more
Spain -
expand_more
Switzerland -
expand_more
United Kingdom -
expand_more
U.S. Department of Commerce