facebook linked in twitter youtube instagram

The First 100 Days Updates & Resources

Click here to access insights and external resources collected by Nelson Mullins on the first 100 days of the new presidential administration and Congress. These articles and fact sheets are non-partisan in nature and address the impact of each on various industries and client sectors.

COVID-19 Resources

Click here to access our extensive COVID-19 resources that address a wide variety of topics in general and by industry.

The LatestView All

Nelson Mullins Adds FinTech Pro From Polsinelli

January 20, 2021

Nelson Mullins Adds FinTech Pro From Polsinelli
close

Insights

December 2020

You Can’t Get There from Here: Did the EU Just Outlaw Almost All Transfers of Personal Data to the U.S.?

By Roy Wyman, Colton Driver, CIPP/E

DRI’s For the Defense

On July 16, 2020, the highest court in the EU, the Court of Justice of the European Union (CJEU), revealed its judgment in what is commonly called “Schrems 2.0.” Data Protection Commissioner v. Facebook Ireland and Maximillian Schrems (Case C-311/18). This case largely concerned the validity of different methods of cross-border data transfer between the EU and elsewhere, and in particular: EU-US Privacy Shield and Standard Contractual Clauses (SCCs). The popular headline following the decision was that the court struck down Privacy Shield self-certification, which has been a common basis for exporting information out of the EU and into the U.S., but confirmed that SCCs (and Binding Corporate Rules (BCRs), addressed below) largely remained valid, with additional language required to protect data further. Unfortunately, the decision actually casts a shadow of doubt over any reliance on SCCs or BCRs for transfers of data from the EU into the U.S. right now, at least until further guidance is provided.