Locations
A lot has already been said about the legal impacts of the CJEU's ruling in Schrems II - on the consequences of the invalidation of the EU-US Privacy Shield and the potential need for "supplementary measures" in addition to EU Standard Contractual Clauses when transferring EEA/UK data internationally.
But what will the real impacts be in practice? How will organisations respond when using international data processing services? Will they reduce their use of global data processors? What proportion of organisations will actually conduct "data transfer impact assessments"? And what "supplementary measures", if any, do data controllers expect their international processors to implement?
We have created an anonymous online survey (complete the survey) to ask exactly these types of questions. The survey is short, simple and shouldn't take more than 2 – 3 minutes to complete. Please do answer the questions if you can, indicating how the Schrems II ruling will impact your organisations' international data transfers to third party processors.
We will publish our findings from this survey in the next couple of weeks – and the more responses we get, the more helpful our findings will be.
