AmCham EU appreciates the attempt of the European Commission to provide a roadmap for the implementation of the new standard contractual clauses (SCCs) as well as European Data Protection Board's (EDPB) public consultation on the Recommendations 01/2020 to collect feedback on the supplementary measures. However, we are concerned that the EDPB guidance goes beyond both the general data protection regulation and the Schrems II ruling of the Court of Justice of the European Union. Read our full consultation response here.
AmCham EU responds to European Data Protection Board recommendations
AmCham EU appreciates the attempt of the European Commission to provide a roadmap for the implementation of the new standard contractual clauses (SCCs) as well as European Data Protection Board's (EDPB) public consultation on the Recommendations 01/2020 to collect feedback on the supplementary measures. However, we are concerned that the EDPB guidance goes beyond both the general data protection regulation and the Schrems II ruling of the Court of Justice of the European Union. Read our full consultation response here.
AmCham EU members support the purpose of the recommendations to protect the rights and privacy of citizens. Nevertheless, some elements of the recommendations would place an extreme burden on businesses of all sizes and sectors trying to conduct business. This is concerning when thousands of American and European businesses, from small and medium-sized enterprises (SMEs) to international corporations, rely on international data transfers on a day-to-day basis.
We urge the EDPB to recognise more explicitly that the application of safeguards should be risk-based, reflecting the type and volume of personal data (including whether or not it includes special categories of data), the type of government surveillance requests and access to which a multinational may be exposed. Furthermore, rather than directly addressing concerns with the foreign governments that control data protection legal regimes, the recommendations shift the responsibility and burden of assessing and supplementing the essential equivalent protection of legal systems to the private sector. These developments hinder business opportunities and international collaboration, when a seamless system for the transfer of data across borders is essential for competitiveness and innovation.
Within our consultation response we have identified key changes that could be made to the draft recommendations to improve the EDPB’s work on data transfer measures. We urge the EDPB to consider these elements and practical implications of the recently published recommendations in order to revaluate the text accordingly and proportionately.
AmCham EU makes five key recommendations. These are:
Taking account of the importance of a risk-based approach to data transfers;
The need to take a proportionate approach to potential risk to data subjects;
Considering the limitations of encryption as a protective measure for business use;
Ensuring coherence with the draft implementing decision on SCCs; and
Aligning the timeline for the transition and compliance periods with the period foreseen in the European Commission’s new SCCs.
In addition, AmCham EU joined a wide-ranging coalition of industry groups in a call to the EDPB and the European Commission to ensure much-needed legal certainty around data flows in and outside of the European Union, pointing to repercussions an unduly restrictive approach to data flows would have on European industries. Read the global business community statement here.
Related items
:focal())
News
26 Nov 2025
Brainy in Brittany
Along with beautiful scenery and delicious cuisine, Brittany is a hub for cutting-edge innovation, thanks to strategic investments in research and technology. InterDigital established its largest research centre in Rennes in 2019, employing local engineers to develop next-generation video, wireless and artificial intelligence technologies. The company partners with the French Research Institute for Computer Science and Automation and the University of Rennes 1, fostering collaboration with researchers and students. In 2025, InterDigital was awarded ‘Produit en Bretagne’ accreditation, recognising its regional impact. Learn how InterDigital is investing in European innovation and talent through its state-of-the-art Rennes facility on Invested in Europe.
:focal())
News
20 Nov 2025
Digital Economy Conference 2025: in review
AmCham EU’s 2025 Digital Economy Conference took place on Thursday, 20 November with the theme ‘A transatlantic agenda for growth, innovation and simplification’. The event brought together policymakers, regulators and industry leaders to explore how Europe and the US can align efforts to promote responsible innovation, resilient infrastructure and forward-looking regulation in a rapidly evolving digital landscape.
Malte Lohan, CEO, AmCham EU, opened the conference with remarks highlighting the importance of strong transatlantic partnership to shape digital policy in an increasingly complex global environment.
:focal())
News
20 Nov 2025
Digital Omnibus: a strong first step, but more room for harmonisation
The European Commission’s newly introduced Digital Omnibus package is a good starting point for the EU’s digital simplification. Measures such as adjusting the timeline for the application of high-risk AI rules and a reinforced role for the European AI Office are tangible improvements that will give businesses more certainty about how and when they need to meet their compliance obligations. Similarly, the Commission’s launch of a Digital Fitness Check to stress test the digital rulebook and a Data Union Strategy to unlock high-quality data for AI development are important steps.
However, in certain areas the Commission’s proposal does not go far enough, especially in the harmonisation of cybersecurity obligations. A single entry point for incident reporting helps, but duplication and fragmentation persist across the Network and Information Security Systems Directive 2, the Cyber Resilience Act, the Digital Operational Resilience Act and the General Data Protection Regulation. To cut costs for businesses while raising cyber resilience, the Omnibus should also:
Harmonise taxonomies, thresholds and timelines
Expand the main establishment principle
Align certification and conformity assessments to avoid double audits
Lessons from other Omnibus initiatives underscore the need for the co-legislators to take swift action and ensure reliable political support behind the Commission’s competitiveness agenda. The stakes for the Digital Omnibus are Single Market-wide. Manufacturers, healthcare and life sciences, financial services, mobility, energy and retail all rely on digital technologies and all face unnecessary burdens from overlapping digital rules. Targeted simplification that reduces duplication and clarifies enforcement promises to accelerate AI adoption, bolster cyber resilience and free resources for investment and jobs across Europe.
For more detailed recommendations, read our Digital Omnibus position paper.
Policy priorities
Insights and advocacy driving Europe’s policy agenda. Our priorities support growth, innovation and a stronger transatlantic economy.
Membership
Connecting business and policymakers to strengthen the voice of American companies in Europe.