CIPL Issues White Paper on New Standard Contractual Clauses for International Transfers under the GDPR
Time 2 Minute Read

On August 7, 2019, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP issued a white paper titled Key Issues Relating to Standard Contractual Clauses for International Transfers and the Way Forward for New Standard Contractual Clauses under the GDPR (the “White Paper”). The White Paper was submitted to the European Commission as part of its ongoing work to update EU Standard Contractual Clauses for international transfers (“SCCs”).

The White Paper intends to highlight the main challenges organizations currently face when relying on the use of existing SCCs and proposes practical ways to overcome these challenges through updating SCCs in line with the EU General Data Protection Regulation (“GDPR”).

The White Paper focuses on three main topics as they pertain to SCCs and puts forward various recommendations. The topics include (1) structural and procedural formalities; (2) updating the substantive obligations contained in SCCs consistent with the GDPR; and (3) practical issues.

Key recommendations made in the White Paper include:

  • SCCs should be adapted to multiparty and multiprocessing situations.
  • SCCs should enable flexibility in the role of organizations (e.g., SCCs should cover processor-to-processor transfers and consideration should be given to joint-controller situations).
  • SCCs should permit organizations to adapt the language to their specific processing contexts as long as a firm set of principles is complied with.
  • The broad territorial scope of the GDPR should be considered in updating SCCs.
  • The relationship of SCCs with Article 28 contracts under the GDPR should be clarified.
  • A grandfather clause enabling current SCCs to remain valid under the GDPR or, at minimum, enabling organizations to prioritize the uptake of new SCC templates on the basis of specific criteria should be put in place.

To read more about these recommendations along with all of CIPL’s other suggestions for updating SCCs in line with the GDPR, view the full paper.

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page