Demystifying Data Privacy (and DPAs) For The Business Transactional Attorney
Data Privacy Addendums (DPAs) are written agreements allowing the legitimate transfer of personal data from the EU to the US under the EU’s GDPR. DPAs also include SCCs or Standard Contractual Clauses, which have been updated by the EU this year.
• Here are some questions to help understand the DPA terrain.
• What is personal data (EU term) or personal information (US term)?
• What are the standard contractual clauses or SCCs and how did that change in 2021?
• What is Schrems? Is the EU going to bar the export or transfer of personal data to the US?
• What are supplementary measures or transfer impact assessments?
• Is anonymizing personal data the same as de-identifying it? Why is it important for tech companies to understand the difference?
• What does a risk-based approach to privacy compliance mean?