Law Society of Ireland Gazette: The Second Coming

September 9, 2020

O’Melveny counsel John Dermody authored this article on how the Court of Justice for the European Union’s Schrems II decision has unsettled the landscape for transferring data outside the EU.

“The decision invalidated the EU-US Privacy Shield – a key mechanism by which companies transferred data from the EU to the United States in a manner compliant with the General Data Protection Regulation (GDPR) – and raised questions about whether standard contract clauses (SCCs) remain a viable alternative data-transfer mechanism,” Dermody writes. “The logic underlying the CJEU’s decision was that, because of the surveillance activities permitted by US law, the legal system of the US does not afford an ‘essentially equivalent’ level of protection to EU residents as that provided by European law. While European privacy advocates are celebrating the decision and pushing for swift and significant enforcement, the decision does no favours for member state data-protection authorities who are now on a collision course with the US and other nations whose laws do not mirror the strictures of the EU.”

Read the full article here.