Reed Smith Newsletters

Reading time: 10 minutes; each article: 30 seconds

Table of Contents

  1. New SCCs for data transfers within the scope of the GDPR
  2. German data protection authorities on asset deals
  3. Wettbewerbszentrale publishes guidelines for advertising labelling by influencers
  4. CJEU: A company's purely economic interest in data processing can also be legitimate
  5. Austrian Federal Administrative Court: Design of a cookie banner
  6. Austrian Administrative Court: No right to deletion of listing on Internet platform
  7. German Federal Court of Justice: First leading decision on damages claims after scraping
  8. Federal Labour Court: No compensation under Art. 82 GDPR for failure to provide information under right of access
  9. Hamburg Regional Court: First judgment on text and data mining
  10. Traunstein Regional Court: No right against social media operator to demand data processing and data storage solely in Europe
  11. Termination without notice due to GDPR violation: Munich Court of Appeals on forwarding work emails to private accounts
  12. Lübeck Regional Court: Unlawfulness of the transfer in the absence of a data processing agreement
  13. Nuremberg Court of Appeals: Termination button must be accessible without prior login

1. New SCCs for data transfers within the scope of the GDPR

by Christian Leuthner

After the EU Commission published the Standard Contractual Clauses (SCCs) in 2021 for data transfers in 2021, it was unclear how to handle data transfers to recipients that were already subject to the GDPR, for example, because they provide services to data subjects in the EU. The SCCs state that they do not apply in these scenarios.

The EU Commission will soon launch a public consultation on the draft of the new SCCs, which is expected to be adopted in 2025. As recipients are already subject to the GDPR, to avoid duplication, we expect a simpler document with fewer obligations for recipients.

Conclusion: Finally, a suitable set of SCCs for transfer to recipients covered by the GDPR will be available. Until the new SCCs are available, parties should rely on the current SCCs or other data transfer mechanisms.