France: Adopted guidance on the consequences of the Schrems II judgment

The CNIL adopts a guidance that outlines the consequences of the CJEU Schrems II judgment, specifically the legality of certain transfers of personal data outside of the European Union, especially to the United States. The CNIL recommends, complementing the EDPS's guidance, that businesses identify data transfers that require a re-examination by means of a technical and legal census and implement an action plan to ensure the legality of data transfers outside of the European Union.