The aim of this case law digest is to clarify the structure of the analysis carried out by the CJEU in judgments concerning the transfer of personal data to third countries, highlighting the logic/steps followed and the jurisprudential acquis in relevant case law (See Part 3 of the Case Law Digest entitled Sources). Also it provides the reader the possibility to explore the key issues relating to international transfers of personal data.
The ‘Zero Risk’ Fallacy: International Data Transfers, Foreign Governments’ Access to Data and the Need for a Risk-Based Approach
Following the CJEU Schrems II Judgment in July 2020, European data protection authorities (DPAs) have adopted a “zero risk” approach […]