Header graphic for print
Password Protected Data Privacy & Security News and Trends

Expected Soon: Modifications of the Standard Contractual Clauses

Posted in Data portability, Data retention, EU Data Protection, Legislation, Privacy

The European Commission very recently presented two draft implementing decisions amending the existing adequacy decision on standard contractual clauses.

These drafts were presented to the Article 31 Committee, which is composed of Members State representatives who assist the European Commission concerning the protection of individuals with regard to the processing of personal data.

This presentation is a consequence of the Schrems ruling and past declarations of the Article 29 Working Party that standard contractual clauses remain under scrutiny.

The summary by the Article 31 Committee speaks for itself: “In Schrems, the Court invalidated Article 3 of the Safe Harbour adequacy decision because it found that the Commission exceeded its powers in imposing limitations on the powers of national supervisory authorities (DPAs) to suspend and prohibit data flows. Since a comparable provision restricting the powers of DPAs is present in the existing adequacy and SCCs decisions, the main objective of the proposed draft amending decisions is to remove any such restriction, thereby ensuring that the DPAs can use all the powers provided under EU and national law.”

The Article 31 Committee will make a final decision concerning these draft amendments in the coming days or weeks after reviewing the opinions of the Article 29 Working Party. It is possible that the Article 29 Working Party will propose other amendments.

For more information on international data transfers, please refer to the following prior Password Protected blog posts:

Is the Privacy Shield Viable? Article 29 Working Party Proposes to Wait for Its Final Verdict

New Threat to Transatlantic Personal Data Transfers: Possible Invalidation of Standard Contractual Clauses

WP 29 Expresses Concerns About EU-U.S. Privacy Shield

EU-U.S. Privacy Shield: Better or Worse?

Replacing Safe Harbor: EU-U.S. Privacy Shield Announced

U.S. Chamber of Commerce and Business Europe Request Quick, Perennial Safe Harbor Fix

Safe Harbor Invalidated by the CJEU; Are There Other Solutions for Transatlantic Transfers?

Means, Other Than Safe Harbor, of Transferring Personal Data to the U.S. Potentially Vitiated?

CJEU Declares the EU Commission Safe Harbor Decision Invalid