For years, transfers of personal data between the European Union and the United States have been in the spotlight. Recent developments have again stirred up the ongoing discussion.
On 10 July 2023 the European Commission issued a new adequacy decision that can provide a legal basis for transfers of personal data from the EU to the US, as necessary under the General Data Protection Regulation (GDPR). For the time being this brings an era of legal uncertainty to an end. However, in view of the events that led to this decision as well as the initial assessments of the new framework, it seems likely that the European Courts will again have to deal with questions of transfer.
With this paper, the author strives to balance the theoretical and textual backgrounds with the Schrems case line and political elements. The work assesses the main points of the new adequacy decision, the ‘EU-US Data Privacy Framework’ and embeds the framework into a larger overview of the status quo of transatlantic data transfers.