BRUSSELS (Reuters) – The European Commission on Friday sought feedback on two new data transfer tools after Europe’s top court in July set strict conditions for such mechanisms used by thousands of companies to transfer Europeans’ data around the world for various services.
The Luxembourg-based EU Court of Justice upheld the validity of the data transfer mechanism known as standard contractual clauses (SCCs) in a case involving Facebook and Austrian privacy activist Max Schrems, who has campaigned about the risk of U.S. intelligence agencies accessing data on Europeans.
But judges said privacy watchdogs must suspend or prohibit transfers outside the EU if other countries cannot assure that the data will be protected.
The EU executive has since then scrambled to find a solution as companies grapple with the implications and cost of the court judgment. SCCs are used for services ranging from cloud infrastructure, data hosting, payroll and finance to marketing.
The Commission on Friday published two sets of draft model data protection clauses with the aim of revising the existing SCCs.
“With this updated tool, we want to ensure the high level of protection to our personal data regardless where they are and when they travel. We also want to help businesses with their compliance efforts,” Vice President for Values and Transparency Vera Jourova said in a statement.
EU privacy watchdogs the European Data Protection Board and the European Data Protection Supervisor will now provide their feedback while companies will also be able to offer feedback during a four-week long public consultation.
EU countries will need to give their approval before the Commission adopts a final draft.
(Reporting by Foo Yun Chee; Editing by Kirsten Donovan)