Posts Tagged ‘CJEU judgment’

Schrems, what the CJEU decided and why it is a problem for Canadian and other non-EU businesses (updated)

October 12th, 2015

On October 6, 2015 the Court of Justice of the European Union (CJEU) released a bombshell, but not completely unexpected judgment, invalidating a decision of the European Commission that underpinned the EU-US privacy safe harbor. In Schrems v. Data Protection Commissioner [2015] EUECJ C-362/14 (06 October 2015), the CJEU held that supervisory data authorities in Member States have the joint right with the EU Commission to review whether non-EU countries provide adequate protection to personal data transferred to them from the EU despite a decision by the EU Commission that such protection is provided. It also invalided Commission Decision 2000/520 which had found that transfers of personal data to the US from the EU provided adequate protection where the recipient complied with the EU-US Safe Harbour Principles.