Over the past year, substantial discussions between the US and the European Commission have led to this draft adequacy decision which follows the signed US Executive Order by President Biden on October 7.
What needs to be emphasised?
Addressing the issues raised by the European Union’s Court of Justice in its Schrems II ruling, the draft decision aims to establish strong safeguards to allow secure personal data transfers of the EU residents. Those measures include the limitation of access for US intelligence agencies, as well the implementation of an independent redress mechanism to deal with violations of the framework.
So, what’s about to come next?
After submitting the draft adequacy decision to the EDPB for a non-binding opinion, the decision will be first presented to a committee composed of EU Member State representatives. In the meantime, the European Parliament and the Council may exercise their right to scrutinise the adequacy decisions. The adoption of the finalised decision isn’t expected before spring 2023.
In the same vein, the EU Cloud CoC’s Third County Initiative, which aims is to act as a Chapter V GDPR safeguard by setting up adequate practises for Cloud Service Providers, fully aligns with the EU-US endeavours to strengthen a robust and safe international data protection framework.
To learn more about the initiative click here.