AmCham EU responds to European Data Protection Board recommendations

AmCham EU appreciates the attempt of the European Commission to provide a roadmap for the implementation of the new standard contractual clauses (SCCs) as well as European Data Protection Board's (EDPB) public consultation on the Recommendations 01/2020 to collect feedback on the supplementary measures. However, we are concerned that the EDPB guidance goes beyond both the general data protection regulation and the Schrems II ruling of the Court of Justice of the European Union. Read our full consultation response here.

News
21 Dec 2020
Digital
AmCham EU responds to European Data Protection Board recommendations
HomePolicy and newsLibraryAmCham EU responds to European Data Protection Board recommendations

AmCham EU appreciates the attempt of the European Commission to provide a roadmap for the implementation of the new standard contractual clauses (SCCs) as well as European Data Protection Board's (EDPB) public consultation on the Recommendations 01/2020 to collect feedback on the supplementary measures. However, we are concerned that the EDPB guidance goes beyond both the general data protection regulation and the Schrems II ruling of the Court of Justice of the European Union. Read our full consultation response here.

AmCham EU members support the purpose of the recommendations to protect the rights and privacy of citizens. Nevertheless, some elements of the recommendations would place an extreme burden on businesses of all sizes and sectors trying to conduct business. This is concerning when thousands of American and European businesses, from small and medium-sized enterprises (SMEs) to international corporations, rely on international data transfers on a day-to-day basis.

We urge the EDPB to recognise more explicitly that the application of safeguards should be risk-based, reflecting the type and volume of personal data (including whether or not it includes special categories of data), the type of government surveillance requests and access to which a multinational may be exposed. Furthermore, rather than directly addressing concerns with the foreign governments that control data protection legal regimes, the recommendations shift the responsibility and burden of assessing and supplementing the essential equivalent protection of legal systems to the private sector. These developments hinder business opportunities and international collaboration, when a seamless system for the transfer of data across borders is essential for competitiveness and innovation.

Within our consultation response we have identified key changes that could be made to the draft recommendations to improve the EDPB’s work on data transfer measures. We urge the EDPB to consider these elements and practical implications of the recently published recommendations in order to revaluate the text accordingly and proportionately.

AmCham EU makes five key recommendations. These are:

  • Taking account of the importance of a risk-based approach to data transfers;

  • The need to take a proportionate approach to potential risk to data subjects;

  • Considering the limitations of encryption as a protective measure for business use;

  • Ensuring coherence with the draft implementing decision on SCCs; and

  • Aligning the timeline for the transition and compliance periods with the period foreseen in the European Commission’s new SCCs.

In addition, AmCham EU joined a wide-ranging coalition of industry groups in a call to the EDPB and the European Commission to ensure much-needed legal certainty around data flows in and outside of the European Union, pointing to repercussions an unduly restrictive approach to data flows would have on European industries. Read the global business community statement here.

Related items

News
21 May 2026

A year of giving back

Intel has called Ireland home since 1989, investing more than €30 billion and supporting 4,900 jobs. Alongside this long-term commitment, the company is helping strengthen local communities through its Signature Charity initiative. For the past 16 years, the Intel Foundation and Intel employees have selected a charity each year to support through volunteering and fundraising. In 2025, Intel Ireland chose Teach Tearmainn, the only organisation in County Kildare dedicated to supporting women and children experiencing domestic violence and abuse. Through fun runs, cycling events, a triathlon, a giving campaign, employee-led fundraising and recycling initiatives, Intel employees raised €80,000 for the charity – the company’s largest charity donation to date. These efforts show how long-term investment, employee engagement and community partnerships can help deliver meaningful support where it is needed most. Read the full story on Invested in Europe.

Social impact, inclusion and skills
Digital
Read more
Read more about A year of giving back
Position Paper
13 May 2026

Strengthening Europe’s cybersecurity framework through simplification

The review of the Cybersecurity Act (CSA 2.0) is an opportunity to build a more coherent, outcome-oriented EU cybersecurity framework. While the proposal recognises fragmentation across the Single Market, further simplification is needed to reduce overlaps and support effective compliance.

A harmonised approach to risk assessment and supervision can strengthen resilience while avoiding duplicative obligations. Certification and supply-chain measures should remain risk-based, objective, technical and aligned with international standards. Structured industry engagement and clear designation thresholds under the ICT Supply Chain Framework and a secure-by-design approach to policymaking will be essential to support cybersecurity and global interoperability. Read more on how CSA 2.0 can strengthen resilience across the Single Market.

Digital
Read more
Read more about Strengthening Europe’s cybersecurity framework through simplification
Close-up of a laptop keyboard with blue backlighting, highlighting the shift key and adjacent keys in a soft-focus perspective.
News
13 Apr 2026

Industry calls for ambitious and simplified implementation of the AI Act 

Together with 14 other associations, AmCham EU has signed a joint statement on the European Commission’s Digital Omnibus on AI, calling for a clear, simple and innovation-friendly implementation of the AI Act. Co-legislators should swiftly reach an agreement on an ambitious final text that keeps simplification at its core. Measures to streamline overlaps with existing EU legislation and improve legal certainty are essential, alongside targeted adjustments to ensure the framework remains practical. This includes extending grace periods for generative AI labelling requirements, ensuring greater legal clarity for AI systems entering the EU market, preserving the risk-based approach of the AI Act by exempting non high-risk systems from registration, and supporting fixed compliance deadlines for high-risk systems.

Learn how the EU can support a clear and innovation friendly framework in the joint statement.

Digital
Read more
Read more about Industry calls for ambitious and simplified implementation of the AI Act 
Policy priorities

Insights and advocacy driving Europe’s policy agenda. Our priorities support growth, innovation and a stronger transatlantic economy.

Discover our priorities
Membership

Connecting business and policymakers to strengthen the voice of American companies in Europe.

Become a member