The European Data Protection Board (EDPB) has adopted updated Recommendations on the European Essential Guarantees for surveillance measures, providing organisations that transfer personal data outside the UK and European Economic Area with much-needed clarification regarding evaluations of third-country surveillance laws.
Since Schrems II, data exporters using Standard Contractual Clauses (SCCs) have been patiently awaiting guidance from the EDPB as to how they can best assess whether the laws of recipient third countries ensure a level of protection that is “essentially equivalent” to that guaranteed by EU law. The recommendations have been adopted to assist with these assessments, and specifically with respect to assessing surveillance measures, like those in the US that resulted in the invalidation of the EU-US Privacy Shield.
According to the EDPB, the recommendations aim to provide data exporters with the minimum “elements” to determine whether third-country legal frameworks governing public authorities’ access to data for surveillance are a “justifiable interference” with individuals’ privacy rights, and thereby permit the lawful use of the SCCs in such circumstances. If the interference is not justifiable, supplementary measures may need to be implemented or, if this is not possible (or if such measures do not mitigate the risks), transfers must be suspended.
The recommendations highlight that there are four “European Essential Guarantees” against which data exporters must analyse the surveillance laws of the third countries to which they intend to transfer (or are already transferring) personal data using the SCCs. According to the EDPB, the guarantees are based on fundamental and universal rights to privacy and data protection, as follows:
- Processing should be based on clear, precise and accessible rules.
- The legitimate objectives pursued must be demonstrably necessary and proportionate.
- There must be an independent oversight mechanism.
- Individuals must have recourse to effective remedies.
For further information on the details of each of the guarantees, as well as our commentary on the recommendations, please click here.
Stay Up To Date with Ropes & Gray
Ropes & Gray attorneys provide timely analysis on legal developments, court decisions and changes in legislation and regulations.
Stay in the loop with all things Ropes & Gray, and find out more about our people, culture, initiatives and everything that’s happening.
We regularly notify our clients and contacts of significant legal developments, news, webinars and teleconferences that affect their industries.