This article is a placeholder that will be updated as more information becomes available in the weeks after the CJEU ruling in the Schrems II case, invalidating the use of Privacy Shield for the transfer of personal data between the EU and the US.
Currently the US is considered not to have adequate data privacy protection measures in place.
Whether GDPR art 49 on the transfer of data to non-adequate countries then apply to this situation is being debated. Cookiebot is currently awaiting a general comment on the situation by the EDPB and we are monitoring local DPA comments and recommendations.
We will update this article as we learn more.