On the 27^th of May the EDPS has started two investigations in order to investigate on activities of main European institutions. It has started the control of activities of European Agencies and the European Commission in the transference of data to USA, by using Amazon and Microsoft cloud services.

European institutions shall comply with the Scherms II judgement, which has entered in force in July 2020, this means that data shall be shared to third countries in compliance with the General Data Protection Regulation.

The European Institutions activities are connected to the software based on cloud and, since are used USA service providers, the Scherms II judgement shall be taken into account during the transference of data and the EDPS has the power to control those activities.

In July 2020, the European Court of Justice pronounced herself on the Privacy Shield. After the entrance in force of the Judgment of the Court, USA will be considered a country with an insufficient personal data protection level to which they have to apply conditions pursuant to the chapter 5 of the General Data Protection Regulation.

SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELL’ESTONIA