German data protection authorities conference addresses implications of Schrems II ruling

According to the National Law Review, the Conference of the German Data Protection Authorities (Datenschutzkonferenz [DSK]) has issued a press release following its 100th anniversary meeting. The DSK discussed data protection in the context of the enterprise version of Microsoft’s Windows 10, and in particular its telemetry functions, as well as the data protection improvements announced by Microsoft Office 365. Regarding the telemetry functions, the DSK identified three test scenarios in which data controllers can use the ‘security’ telemetry level when using the enterprise version, and as a result, should take contractual, technical or organisational measures to ensure that no personal data is transmitted to Microsoft. With regards to Office 365, the DSK will remain in talks with Microsoft. For both issues, the DSK stated that it will consider the 16 July 2020 judgment of the Court of Justice of the European Union (CJEU) ‘Schrems II’ regarding the transfer of personal data to non-adequate countries.