Data privacy regulation has taken yet another sharp turn. The July 16, 2020 Schrems II decision has invalidated the EU-US Data Privacy Shield, the data transfer framework relied upon by over 5,000 European and US companies to conduct over $7 trillion in commercial transactions. This decision took immediate effect with no grace period—and also hinted at greater scrutiny for alternate data transfer mechanisms like standard contractual clauses (SCCs) and binding corporate rules (BCRs)—leaving many companies uncertain over how to conduct business involving transatlantic data transfers.