Štěpánka Havlíková recently authored an article “New EU-US Data Privacy Framework: US companies become safe data recipients again” (in Czech “Nový Rámec ochrany soukromí mezi EU-USA: USA je opět bezpečným příjemcem údajů”), which was published on epravo.cz.

On 10 July 2023, the European Commission adopted an adequacy decision and confirmed the new EU-US Data Privacy Framework (EU-US DPF). The EU-US DPF requires prior certification of US companies to become secure recipients of personal data. Transfers of personal data from the EU to participating companies in the US will no longer require prior Transfer Impact Assessments (TIAs), Local Law Assessments (LLAs) of complex areas of foreign laws, additional safeguards (such as further security measures) or standard contractual clauses (although lighter forms of data processing agreements or data sharing agreements will still be required).

Read the full article in Czech here