Skip to main content

Like many websites, BSA’s websites use cookies to ensure the efficient functioning of those websites and give our users the best possible experience. You can learn more about how we use cookies, and how you can change your browser's cookie settings, in our cookies statement. By continuing to use this site without changing your cookie settings, you consent to our use of cookies.



Principles: Additional Safeguards for SCC Transfers

Companies of all sizes and in all industries rely on the ability to send data across international borders. In light of the July 16, 2020, decision by the Court of Justice of the European Union (“CJEU”) in Schrems II, companies are considering appropriate measures to provide additional safeguards for data they transfer outside of the EU pursuant to Standard Contractual Clauses (“SCCs”).

BSA | The Software Alliance has identified seven principles to guide companies adopting additional safeguards for EU data transfers. These principles focus on legal, technical, and organizational measures that companies can adopt to safeguard data in connection with government requests, such as requests from law enforcement or national security authorities. These principles are intended to help organizations develop specific safeguards that can supplement SCCs, and to provide a level of protection in addition to the measures already embodied in Commission-approved SCCs.

Download PDF