You may sometimes get the feeling no progress is being made to solve the issue of transferring personal data from the European Union to other countries around the world. After the draft EDPB Recommendations and draft model Standard Contractual Clauses, no major changes have been communicated. 

TrustArc 19.05 The Conversation Continues


Wednesday 19th May

Event Timings:

BST: 2pm - 3pm

CET: 3pm - 4pm

EDT: 9am - 10am


But that does not mean nothing is happening - behind the scenes, negotiations are ongoing and documents are being finalised and the first enforcement cases are being decided upon. The new Standard Contractual Clauses should be adopted in April, the negotiations on the Privacy Shield 2.0 have recently been intensified and new adequacy decisions have been announced for both the UK and South Korea.

What are the lessons we can learn from all these developments on how to transfer personal data from Europe to other parts of the world?

This webinar will review:

  • Current status of the new Standard Contractual Clauses and the Privacy Shield 2.0
  • Lessons learned from the draft adequacy decisions for the UK and South Korea on the future of international transfers
  • The importance of conducting a data transfer risk assessment (still important!)
  • Transfer related enforcement actions


Meet the Speakers:

Paul Breitbarth

Director, EU Policy & Strategy, TrustArc

Paul Breitbarth is a privacy lawyer from the Netherlands. In 2016, he joined the Canadian privacy software and research company Nymity, which became part of TrustArc in November 2019. He currently serves as Director, EU Policy and Strategy and is based at TrustArc’s office in The Hague, the Netherlands. As part of the Privacy Intelligence team, Paul contributes to the company’s thought leadership via papers, webinars and public speaking opportunities on a variety of topics, including accountability, the demonstration of compliance and dealing with multiple data protection laws with one single privacy program. Paul also maintains regulator contacts across the EU and beyond. Paul is Senior Visiting Fellow and Member of the Board at Maastricht University’s European Centre on Privacy and Cybersecurity.

Before joining Nymity, Paul served as senior international officer at the Dutch Data Protection Authority. He was an active member of various Article 29 Working Party subgroups, co-authoring opinions on the data protection reform, national security and surveillance, the Privacy Shield and others. In 2015, he organized the International Privacy Conference in Amsterdam. Paul holds a Master of Laws from Maastricht University in the Netherlands.

Marty Abrams

Chief Strategist, Information Accountability Foundation

Martin Abrams has been a data protection pioneer for the past 30 years. He currently leads the Information Accountability Foundation after founding The Centre for Information Policy Leadership (CIPL), a global privacy and security organisation that works with industry leaders and regulators. The IAF multi-stakeholder work has influenced information policy in Europe, the Americas, and Asia.

He has led educational seminars on almost every continent and has been a key advisor to four International Conference of Data Protection and Privacy Commissioners. He has been deeply involved in the development of the APEC Cross Border Privacy Rules and has also been involved with the OECD Working Party on Information Security and Privacy. He is an advisor to numerous benchmark corporate privacy programs.

For the past five years, he has led the Global Accountability Project, which has refined the accountability principle that is part of various data protection laws and guidance documents.

Abigail Dubiniecki

Lawyer & Data Privacy Specialist, nNovation LLP

Abigail is a lawyer and privacy professional who is passionate about all aspects of data privacy, tech and data strategy. As Counsel with nNovation LLP in Canada, a Data Privacy Specialist with My Inhouse Lawyer in the UK, and with varied international and professional experience, Abigail brings a global perspective to her practice. She helps clients in Canada and the UK navigate the tricky regulatory terrain of Canadian and EU data privacy obligations to achieve their goals while enhancing stakeholder trust and de-risking the business. She is bilingual in French and English and dual-qualified in Ontario and Quebec. 

From data privacy to data strategy, she takes a commercial, risk-based approach that goes beyond compliance to develop robust, sustainable privacy programs that blend legal, technological and operational dimensions. She is also very involved with the privacy communities in Canada and the UK as a speaker, writer, trainer and member of numerous committees and associations.