It may occasionally seem that the EU laws look like a chicken with its head cut-off.
It’s been more than half year since Schrem-II substantially changed privacy world, with succinct EDPB FAQ issued a week later and controversial Recommendations 01/2020 still stuck at the stage of public consultations and leaving more questions than answers, especially for businesses operating globally.
A recent agreement (after how many reiterations?) on ePrivacy Regulation resembles a Christmas that does not really make happy as it raised clear concerns among privacy community and received a plenty of negative feedbacks, with this from the German Federal Commissioner probably being the most rampant. Surely, the deadlock has been broken, and this is undoubtedly a huge progress and achievement that should not be underestimated (regardless of any criticism voiced). At the same time, there is obviously a long way to go to reach true reconciliation.
Going back to Schrem-II stalemate, my impression is that many companies took a ‘wait and see’ approach, while taking careful first steps and probably nervously waiting for possible first cases of detected non-compliance in the industry. If you want to briefly recap on what’s happened in this realm since July 2020, here it is from IAPP.