Schrems II Transfers and How They Work IRL: #Cryandpray

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

A client requests that you conduct a TIA for data transfers to a US cloud service provider who will (gasp) access the data in the clear.

Do you:

run away and leave a cartoon-like cloud of dust take their money and laugh take their money and cry or other

It was a pleasure to participate in the “#cryandpray: Schrems II transfers IRL” roundtable at the International Association of Privacy Professionals’ Data Protection Congress in Brussels.

We covered several topics, including:

How are multinational based in the US approaching cross border transfers of HR data? Will the UK initiative move the needle in the EU, with respect to either: helpful third country assessment information or generally re: risk based? What methodology are companies using for TIAs and risk assessment? How are they approaching TIAs for sub processors and sub sub processors until we reach Middle Earth? Is there anything concrete we can do besides swipe the waterproof mascara and cry and pray?

Read the article