Our responses to the EDPB regarding Schrems II guidance
We have recently formally contributed to the European Data Protection Board’s consultation regarding recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data.
In summary, the draft guidance lacks realistic and pragmatic help for businesses unable to command the attention of the (mainly US-based) giants of the IT ecosystem. It creates more questions than answers. The draft recommendation seems almost unable to acknowledge that several countries (the US in particular) hold a monopoly in IT software and service provision.
Some, perhaps most, of the entities in those territories are unable to avoid the reach of surveillance duties hardwired into their national law. Indeed, imposing some of the recommendations of the draft guidance may put those entities in breach of their national laws.
This draft guidance should take into account the international contours of the IT ecosystem and speak more plainly to businesses unable to negotiation technical or contractual changes and equally unable to buy services from elsewhere due the aforementioned monopoly.
To read our full detailed response to the European Data Protection Board, click here.
Get in touch
For more information on this update, or any data protection related matters, please contact Matthew Holman.