In July 2020, the Schrems II case invalidated the EU-US Privacy Shield meaning that data transfers to non-EU countries were illegal under the GDPR. From this point forward, companies immediately had to comply with the new decision. If companies needed to make a data transfer outside of the EU, they would need to confirm that the country provides equivalent data privacy rules and laws to that of the GDPR.
This ruling of the European Court of Justice (ECJ) trickles down to all EU countries, however because of the many ways in which companies work around the ruling (like through Binding corporate rules BCR), Schrems II is not often taken seriously enough at the local level. However, the Procurement Chamber of Baden-Württemberg has recently made a more binding decision that will greatly impact all public tenders in the state.
According to a Presse Box release, the Vergabekammer Baden-Württemberg, or the Public Procurement Chamber of Baden-Württemberg, has made a non-appealable decision that the transfer of personal data to a “third country” (outside of the EU) that does not have this equivalency in privacy law is impermissable under the GDPR.
This entails that even if a server is operated by a company based in the EU but has a parent company in the US, the data transfer is still not allowed due to the possibility of that data being accessed by its non-European counterparts.
After the EU-US Privacy Shield was invalidated, there still was the possibility of transfers with so called Standard Contractual Clauses (SCCs). However, this new decision in Baden-Württemberg also illegitimizes the use of SCCs which companies and organisations have used as a work around in the past.
“It’s a landmark decision that has a huge influence in Germany and the rest of Europe.“
Our mission is to help individuals, businesses and organizations achieve digital sovereignty and regain control over their data. Nextcloud Hub 5 marks a massive step forward towards achieving this mission, putting the power of AI into your hands – in a way that keeps you in control. New release, new possibilities Hub 5 builds on […]
The serious security flaws in ownCloud (now owned by Kiteworks) do NOT affect Nextcloud. We have strict security processes in place, and do not ship test data from libraries that can cause security breaches.
Today, US-based file sync & share vendor Kiteworks announced their acquisition of ownCloud and Dracoon. Kiteworks points out that their customers now have access to their file-sharing application. It is to be expected they will not maintain 3 similar products, but customers will have to migrate to the US firms‘ platform or look for another […]
Wir speichern einige Cookies, um Besucher zu zählen und die Nutzung der Website zu erleichtern. Diese verlassen unseren Server nicht und dienen nicht der Verfolgung Ihrer online-Aktivitäten.
Weitere Informationen hierzu finden Sie in unserer Datenschutzrichtlinie. Anpassen