JUL 16, 2020 | US | EUROPEAN UNION
BSA Statement on European Court of Justice Ruling on “Schrems II” Case
BRUSSELS – July 16, 2020 – BSA | The Software Alliance is pleased that today’s decision by the European Court of Justice (ECJ) upheld Standard Contractual Clauses, consistent with BSA’s amicus brief and arguments submitted to the Court, but is disappointed that the ECJ invalidated the EU-US Privacy Shield.
“Today’s ECJ decision creates a challenge for more than 5,300 U.S.-based companies—including over 250 with headquarters in Europe—that relied on the Privacy Shield to transfer personal data to and from Europe,” said Thomas Boué, Director General of Policy—EMEA at BSA. “70 percent of the companies certified to the Privacy Shield were SMEs, and they will now have to spend time and resources finding alternatives to carry out daily business transactions like processing payroll, sending emails, or storing documents on cloud-hosted servers.”
“Companies need to have reliable and stable mechanisms to send data from the EU to the United States. This is an unwelcome development at a time when businesses on both sides of the Atlantic are focusing on recovering from the economic impacts of Covid-19 and are increasingly relying on data-driven tools and services to do so,” Boué added.
“BSA is studying the details of the decision. We stand ready to work immediately with the European Commission, the US Government, and the transatlantic business community, who share the common goal of finding a new, sustainable data transfer mechanism that will work for the long term,” said Boué. “More positively, the Court has upheld the ability to use Standard Contractual Clauses as a responsible, trusted tool to transfer personal data outside Europe, including to the United States.”
Standard Contractual Clauses – or SCCs – are the main transfer mechanism used by 90 percent of companies that transfer data internationally. SCCs, which are issued by the EU Commission, were also under review by the ECJ. SCCs underpin transfers of personal data from the EU to some 180 countries, including Australia, Singapore, South Korea, Brazil, India, and Mexico. These clauses impose a range of contract-based obligations to help ensure EU law’s strong privacy protections flow with any personal data sent outside of the EU. The SCCs impose mandatory safeguards and companies that use SCCs also apply additional safeguards that are tailored to each specific transfer.
BSA |“软件联盟”(www.bsa.org) 是全球软件行业的主要倡导者，旨在代表该行业，向政府和国际市场发声。其成员包括全球最具创新力的公司，这些公司制定的软件解决方案，不但能够刺激经济，还能提升现代生活的品质。
BSA 的总部位于华盛顿特区，其营运机构遍布 30 多个国家。BSA 凭借这些机构，率先涉足合规项目，以期促进使用合法软件、倡导制定公共政策，并以此培养技术创新能力，以及推动发展数字经济。