Partner Adam Rose explained what standard contractual clauses were following the news that Google has plans to update its Google Ads, in order to remain compliant with Europe's General Data Protection Regulation.
The change followed a July decision by the Court of Justice of the European Union to invalidate the “Privacy Shield,” a framework that allowed for the transfer of personal data between Europe and the U.S.
Google told its Ads clients that it will now instead use standard contractual clauses to validate the transfer of personal data from its advertising and measurement services to the U.S. from the European Economic Area, Switzerland and the U.K.
Discussing what a data 'controller' – such as a publisher – that transfers personal data out of the EU should do immediately, Adam said that;
“The risk is with [publishers] rather than Google.” He explained that’s because Google is the processor of the data and publishers are the data controllers who are primarily responsible for what happens to the data that’s being processed.
Read the full piece here.