Fraud & Risk
Crossing Borders with Our Shields Down: The Schrems II Decision and Cross-Border Data Transfers
The European Court of Justice case "Data Protection Commissioner v. Facebook Ireland Ltd. and Maximillian Schrems" -- nicknamed "Schrems II" -- ended with a ruling in summer 2020 that invalidated the U.S. Privacy Shield framework. This presentation summarizes the implications this decision has on non-European companies doing business with consumers in the European Economic Area and addresses common questions. The deck also includes a look at potential technical approaches and concludes with five recommended practices in light of Schrems II.