The issues of non-EU data transfer and the related activities of the DPO.

In this workshop,  Avv. Alessandro del Ninno provided an in-depth analysis of the current framework inherent in international transfers of personal (and non-personal, under the Data Governance Act) data outside the European Economic Area, updated:

• to the July 10, 2023 adequacy decision for the transfer of personal data to the U.S. in light of the Data Privacy Framework;
• to Recommendations 1/2022 of June 23, 2023 of the European Data Protection Board on how to structure BCRs (Binding Corporate Rules); and
• to the principles affirmed by the EU Court of Justice in the so-called "Schrems II" judgment;
• to Recommendations 1/2020 and 2/2020 issued by the European Data Protection Board;
• to the standard clauses for non-EU data transfers approved by the EU Commission in Decision 914/2021.