A Collection is a selection of features, articles, comments and opinions on any given theme or topic. It allows you to stay up‑to‑date with what interests you most.
Login here to access your saved articles and followed authors.
We have sent you an email so you can reset your password.
Sorry, we had a problem.
Tags related to this article
Published 3 March 2016
The ICO has published interim guidance on cross border transfers in light of the Schrems decision and the proposed Privacy Shield.
Although acknowledging that Schrems has cast doubt on the validity of transfers of personal data to the US under all mechanisms, the ICO has confirmed their acceptance of the use of SCCs (Standard Contractual Clauses) and BCRs (Binding Corporate Rules) for data transfers from the UK to the US in the absence of a Safe Harbor framework.
They have also confirmed that they will not be actively looking to take enforcement action against companies who were previously transferring personal data under the Safe Harbor regime. The interim guidance states that the ICO will not be hurrying to utilise its enforcement powers because no immediate increase in risk to individuals' personal data has arisen. The ICO will, however, continue to analyse complaints from data subjects regardless of the international data transfer mechanisms that are in place.
To view the ICO blog article Safe Harbor: 'Calmer waters on the horizon', please click here.
To view the interim guidance, please click here.
Organisations may take comfort from the ICO statement that it is not going to actively seek out companies who were previously making transfers under Safe Harbor to take enforcement action. However it is advised that organisations do still continue to seek to put in place standard contractual clause agreements when transferring data to companies who formerly relied on the Safe Harbor. The ICO statement confirms that these can be relied on for the time being at least.
Return to main page.
London - Walbrook
+44 (0)20 7894 6577