Data Transfer and Protection with Alex Brown and Natasha Sheppard from Simmons and Simmons (International Law Firm)
Simmons and Simmons: data transfer risk assessment tool.
Following the Schrems II case and related regulator guidance organizations that are subject to the GDPR must conduct a comparative analysis and risk assessment against a complex set of requirements for most of their international data transfers. In our digitally connected world, data transfers are the lifeblood of most companies and therefore they need an effective solution to completing the required risk assessments.
Ctrl_Transfer will do much of the hard work for you. Comprehensive, easy to understand country analysis is provided for a number of common importing countries. A simple scoring methodology allows for consistent and objective identification of key differences between jurisdictions, and updates to the information as things change will ensure that it is accurate and up to date.
Analysis can be quickly imported into built-in risk assessment templates to quickly identify any supplementary measures required. A suite of additional templates is also included within the tool to assist with things like developing and documenting supplementary measures to make data transfers compliant.
Case Study: Facebook
Couple of weeks ago, Ireland’s High Court ruled against Facebook in a dispute over the company’s efforts to keep moving European data to the United States.
European Union and U.S. new data-transfer pact that would allow all firms — and not just Facebook— to move data between two of the world’s largest economic blocs.
Dublin court backed the regulator’s preliminary view that standard contractual clauses, or SCCs — widely used legal instruments — can’t be used to transfer data to the U.S. in light of the Schrems ruling that raised the bar for international data transfers.
SCCs could not compensate for the lack of protections in U.S. law for Europeans, the judge wrote, noting that Facebook did not appear to have put in place any extra safeguards. Where do international transfers go next?
Other countries from Brazil to Russia to India are similarly pursuing legislation that would require local citizens’ data to be stored within their jurisdictions.
In recent months, there has been a growing chorus, most notably from U.S. President Joe Biden’s administration, to create a global pact that allows international data transfers to continue among countries that agree to baseline protections. The goal, in theory, is to uphold people’s privacy rights, while also allowing billions of euros worth of global trade to continue unimpeded. Yet with EU-U.S. data transfers — both from Facebook and other companies — now in jeopardy, the pendulum is increasingly swinging toward keeping data closer to home.
Bios:
Alex Brown: Partner in the Information, Communications & Technology Group in Simmons & Simmons London Office. Advises on outsourcing and commercial ICT contracts for users and suppliers of ICT products and services. Particular specialism in data protection and privacy. Handles large scale, complex outsourcings (both IT and business process), software development, licensing and maintenance, telecoms supply and procurement contracts, major commercial contracts for the supply of goods and services. Assists clients in a variety of industries on all aspects of privacy compliance
Natasha Sheppard: Associate at Simmons & Simmons Digital Business. Specialising in Data Protection and has recently worked on advising around the Schrems 2 and new Standard Clause decisions surrounding Data Transfer.
Lee Curtis: Head of Global Sales at Simmons & Simmons. Lee says that he “sell lawyers.” Leading a global team he works alongside partners and senior management to deliver a sustainable business strategy. He spent 10 years in the international legal market (eight in Asia) and specializes in selling legal products.
Contact The Trust Bridge:
Websites:
http://www.thetrustbridge.co.uk/
http://digitalarena.co/ Arena for Data Protection Professionals)
Online learning portal https://training.