The Future of International Data Transfers and the Safeguards for International Corporations after Schrems II

Sammanfattning: The EU-US Privacy Shield Decision on data transfers between the EU and the US was found invalid by the CJEU Schrems II ruling on 16 July 2020. After Schrems II, discussions among scholars and practitioners on legal challenges of international data transfers resulting from the case has gained much tension during the past years. Given the significant amount of data that flows between organizations around the world - particularly between the EU and the US, the Schrems II judgment and current EU’s data transfer mechaninsms have upended many multinational companies’ data protection policies and practices. This leads to considerable uncertainty in the regulatory landscape of cross-border data transfers post-Schrems II. This thesis, therefore, aims to examine how the EU’s current data protection regulatory frameworks address data protection and privacy issues raised following the Schrems II ruling on cross-border transfers of EU personal data to a third country outside the EU/EEA, from the perspective of multinational corporations.