Why It Is Unlikely the Announced Supplemental SCCs Will Materialize


04 Nov 2021

In an article for IAPP, MoFo’s Lokke Moerel, senior of counsel, and Alex van der Wolk, partner and co-chair of Morrison & Foerster’s Privacy + Data Security practice, discuss that the European Commission – in a change of course – has confirmed that it will develop a supplemental set of standard contractual clauses (SCCs) to cover data transfers to data importers already subject to the EU General Data Protection Regulation.” 

When the EC launched the 2021 SCCs this summer, Recital 7 stated that the SCCs are unnecessary when the data processing by the data importer is already directly governed by GDPR. This Recital 7 has been the topic of debate ever since, and recent meeting minutes of the European Data Protection Board (EDPB), now confirm that the EDPB viewed the issue differently and considers such transfers still subject to the transfer rules “otherwise, no supplemental SCCs would be required for this situation,” they write. Lokke and Alex discuss why it is “unlikely” the EC and EDPB will “quickly see eye to eye on what the supplemental SCCs should look like.”

Read the full article.



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.