Table of contents:
- Update on international data transfers
- State Labour Court of Baden-Württemberg: No claim for damages for transferring personal data to the United States on the basis of the standard contractual clauses
- German Supreme Court: Scope of right to access under article 15 of the GDPR
- ECJ AG: Inbox advertising for free mail services only permissible with consent?
- File sharing on file sharing networks: Strengthening of copyrights by ECJ
- Austrian Supreme Court: Statistical probability as personal data?
- Frankfurt Court of Appeals: German website imprint of a U.S. incorporated company
1. Update on international data transfers
by Dr. Andreas Splittgerber and Christian Leuthner
Here in brief is the latest news in the area of data transfers:
(i) The EU Commission has adopted new EU standard contractual clauses (SCCs) (four modules: Controller/Processor, Controller/Controller, Processor/Processor, Processor/Controller). The SCCs must be used for international data transfers for new contracts from September 27, 2021. All legacy contracts must be converted to the new SCCs by December 27, 2022. More on our blog.
(ii) The United Kingdom has an adequate level of data protection until at least 2025. The United Kingdom will be treated almost like an EU member state in terms of data protection law. More on our blog.
(iii) The European Data Protection Board has published the final version of its guidelines on supplementary measures for international data transfers. Organizations must, in addition to the data transfer mechanism (see (i)), conduct and document a six-step test to determine whether or not the laws in the recipient country conflict with the data transfer mechanism. This is a result of the Schrems II decision. More on our blog.
(iv) The EU Commission has adopted a model for intra-European data processing agreements. This template can be, but does not have to be, used by organizations.
Conclusion: All organizations operating internationally must review and update their international data transfers in the coming months. Listen to our podcast on international data transfers. Reed Smith has also developed a "Data Transfer Assessment Tool" to help companies do this. Contact us for more information.