In its landmark Schrems II ruling, the European Court of Justice declared the Privacy Shield invalid and imposed new requirements on international data transfers. In this webinar, Max Schrems, the plaintiff in the ruling, provides unique first-hand insights—supplemented by a live interview and practical tips.

Max Schrems – The man behind Schrems II

Directly from the plaintiff: How Schrems II came about and revolutionized data transfers.

We are talking about

– Introduction to the background: Facebook, US intelligence agencies, and the battle for data protection (https://www.forum-verlag.com/fachwissen/datenschutz-und-it-sicherheit/schrems-2-urteil/)

– The Schrems II ruling: invalidity of the Privacy Shield and strengthening of standard contractual clauses (SCCs) (https://www.cookiebot.com/de/schrems-ii/)

– Current developments: Data Privacy Framework, server-side tracking, and AI challenges (https://www.youtube.com/watch?v=s7cI1DXJJdY)

– Risks for companies:https://www.all-about-security.de/schrems-ii-explained-everything-you-need-to-know/

Finally, it gets interactive:

👉 Live Q&A: Ask Max Schrems your questions directly

👉 Practical checklist: Specific steps for GDPR-compliant data transfers.

A session for data protection officers, IT managers, and entrepreneurs who want to secure transatlantic data flows.

Selected links from the webinar

– Official ECJ ruling Schrems II (C-311/18)

– EDPB recommendations on SCCs post-Schrems II

– noyb.eu: Max Schrems' organization for data protection lawsuits.

Show Notes – Recap

Event: SCHREMS to SCHREMS II – From ruling to practice

Guest: Max Schrems, noyb.eu

📜 Background to the ruling

– ECJ ruling of July 16, 2020: Privacy Shield invalid, SCCs require case-by-case review. https://www.forum-verlag.com/fachwissen/datenschutz-und-it-sicherheit/schrems-2-urteil/

– Affected: Transfers in the US via cloud services such as Microsoft, Google, Zoom. https://www.forum-verlag.com/fachwissen/datenschutz-und-it-sicherheit/schrems-2-urteil/

🔒 Practical consequences

– Responsible parties must check and supplement the level of protection in third countries, https://www.all-about-security.de/schrems-ii-explained-everything-you-need-to-know/

– Regulatory authorities: Suspend in case of inadequate protection. https://www.forum-verlag.com/fachwissen/datenschutz-und-it-sicherheit/schrems-2-urteil/

🌍 The future of transfers

– Alternatives: EU servers, Binding Corporate Rules (BCR), consent pursuant to Art. 49 GDPR

– Current: Data Privacy Framework as successor – with unanswered questions. https://www.youtube.com/watch?v=s7cI1DXJJdY