New EU-Approved GDPR Standard Contract Clauses: Mandatory Assessments, Affirmative Obligations of Data Importers
Recording of a 90-minute CLE video webinar with Q&A
The CLE course will guide counsel on the new Standard Contractual Clauses (SCCs) released by the European Union on June 4, 2021. The new SCCs address the compliance requirements for cross-border data transfers under the EU's General Data Protection Regulation (GDPR). The panel will address what the EU has instituted and how the new SCCs resolve certain practical issues companies faced when using the older versions but simultaneously introduce new obligations for businesses that transfer personal data out of the EU. The panel will also discuss the released set of SCCs to address GDPR Article 28 requirements for controller-to-processor personal data transfers within the European Economic Area (EEA).
- Standard contractual clauses for DPAs
- The implementation of the new SCCs under Articles 46(1) and (2)(c) of the GDPR
- The implementation of the new standard contractual clauses for DPAs under Article 28(7) of the GDPR
- Old SCCs adopted under Directive 95/47/EC
- Old SCCs executed before Sept. 27, 2021
The panel will review these and other key topics:
- What are the obligations for data importers, including importers acting as controllers addressed in the new SCCs?
- Which types of transfers that the existing SCCs don't expressly cover are covered under the new SCCs?
- How do the new SCCs consolidate terms and allow controllers and processors to select the relevant clauses that apply on a modular basis? How do the new SCCs affect U.S.-based businesses and non-EU established data exporters to the extent the processing is subject to the GDPR under the extraterritorial reach of GDPR Article 3(2)?
- What are the processor terms included in the new SCCs?
- How are choice of governing law and jurisdiction affected by the new SCCs?
- How do the new SCCs address the concerns raised by the CJEU in Schrems II?
Ryan P. Blaney
Mr. Blaney's practice focuses on representing clients in the healthcare and life sciences industries in a wide... | Read More
Mr. Blaney's practice focuses on representing clients in the healthcare and life sciences industries in a wide range of matters including healthcare fraud and abuse, civil and criminal government investigations, qui tam and whistleblower disputes under the False Claims Act and other federal and state laws and regulations, HIPAA privacy and data security, compliance and transactional services, and antitrust matters.Close
Cleary Gottlieb Steen & Hamilton
Ms. Gerlach’s practice focuses on electronic discovery and European data protection law. She is managing the... | Read More
Ms. Gerlach’s practice focuses on electronic discovery and European data protection law. She is managing the European eDiscovery Group from our Brussels office. Ms. Gerlach’s team specializes in advising on the collection and systematic investigation and production of data throughout the life cycle of investigations, for litigation and arbitration purposes, or in the M&A space. She also advises clients on dawn raid proceedings and focuses on all aspects of data protection and privacy issues. Ms. Gerlach is a frequent speaker at international conferences on cross border data transfers topics and has published extensively on a number of data protection topics.Close
Cleary Gottlieb Steen & Hamilton
Mr. Kristensen’s practice focuses on intellectual property, technology, and commercial contracts matters,... | Read More
Mr. Kristensen’s practice focuses on intellectual property, technology, and commercial contracts matters, particularly in the life sciences, financial services, and technology sectors. He advises leading multinational corporations, private equity firms, and high-growth companies on the IP, technology, and commercial contracts aspects of M&A, joint ventures and collaborations, complex carve-outs and business separations, capital markets offerings, and other significant corporate and commercial transactions. Mr. Kristensen’s commercial contracts experience includes collaboration, option, and licence agreements; manufacturing, supply, and distribution agreements; transitional services and IT infrastructure separation agreements; co-marketing and co-promotion agreements; consortium agreements; R&D services arrangements; IT outsourcings; business and digital transformation projects; and e-commerce arrangements. He also advises on the full range of legal issues relating to data, including data protection (GDPR), privacy, and cybersecurity matters.Close