An interesting piece on the US-EU Privacy Shield: Privacy laws within USA need to step up in order to transact with EU.
Just logged in to post the same topic
Here's another article on it.
The ruling is a major victory for privacy and data protection campaigners and will have immediate and complex implications for data sharing between the EU and US
Are the controller to processor EU-US model clauses genuinely better?
Auditing compliance of a processor on another continent isn't going to be easy even without the pandemic impacting business operations and travel.
This is an excellent article from Bird&Bird on the topic.
Provides insight and suggestions on what organisations can/should do.
Given that the framework has been invalidated by the CJEU and that the European Data Protection Board (EDPD) stated about transfers under Privacy Shield: "Transfers on the basis of this legal framework are illegal.", should we expect ISC^2 to remove all questions about this subject in the exams?
@Vigenere I think the answer to your question is, if there are questions then yes they should be removed but that is done through process.
If there are no questions, then no harm no foul.