??? What's next for transatlantic data transfers?

Each month, the team at Didomi compiles the essential information to help you stay in touch with our work and the privacy industry: top articles and guides, data insights, opinion pieces from industry experts, and curation of the best privacy publications online. Have a good read.

TL;DR: In this month's edition, we look at what's next for the EU-U.S. Data Privacy Framework and the acceptance rate by state in the U.S., before introducing our next webinar.

EU-U.S. data transfers: What's in store for 2025? ???

For years, transatlantic data transfers have faced scrutiny on both sides of the ocean. The latest and current framework in place, the EU-U.S. Data Privacy Framework (DPF), is no exception and is likely to collapse with a new administration in the White House:

"I can hardly imagine that a Biden Executive Order that was forced on the US by the EU and that regulates US espionage abroad could survive Trump's 'America First' logic. The problem is, that not just US Big Tech, but especially normal EU businesses all rely on this system of unstable executive orders to argue that using US cloud systems is legal in the EU." - Max Schrems , privacy lawyer and chairman of noyb.eu

The end of the DPF would have consequences for both european companies, which would face immediate regulatory uncertainty, as GDPR-compliant data transfers to the U.S. will once again become legally questionable as well as their U.S. counterparts who would also be significantly impacted and face heightened legal risks, including potential fines and growing compliance burdens from European regulators.

For our Chief Privacy Officer, organizations must start considering actions as soon as possible:

“The time to act is now. This means legal measures, contract updates, and compliance efforts, of course, but more importantly, it requires transitioning to technical solutions that either reinforce sovereignty or simply have the power to limit the transfer of data to the U.S. Server-side implementation, for example, offers a concrete way to regain control over the data being shared with third parties.” - Thomas Adhumeau , Chief Privacy Officer at Didomi

Read more in our complete breakdown, including the steps companies can take, and stay tuned as we follow the topic closely over the next few weeks and months.

Webinar replay of the month: Master Microsoft UET consent mode ??

Map of the month: Consent collection in the U.S. ???

Data privacy bites ??

• Everything you need to know about the California Delete Act by Patrick Austin
• Didomi ranks #5 overall in G2’s 50 Best Data Privacy Software of 2025 by Clara Verglas
• Honda Settles With CPPA Over Privacy Violations via California Privacy Protection Agency
• 10 questions you might have about server-side tagging by Thierry Maout

Save the date this week ??

Join our upcoming webinar,?"Using Compliance Monitoring to Ensure Responsible Tracking,"?on March 20th at 5 PM CET.

During the event, Teodora Tanase, Rebecca Berbel, and Thomas Adhumeau will show you how our Advanced Compliance Monitoring (ACM) solution helps businesses stay compliant by monitoring vendor list modifications and tracking ecosystem changes.

Sign up today:

Thank you for reading, and see you next month!

- The Didomi team