Login
Join Video Meeting
English

Schrems II and lynes

News

Not every regulation makes waves like GDPR did. I remember the doomsday talk and countless posts. But some changes, though quieter, can impact businesses just as deeply.

Schrems II and lynes
Schrems II and lynes

Content

This is an H2 heading
This is an H3 heading
This is an H4 heading
This is an H5 heading
This is an H6 heading

Not everything makes waves like GDPR did. I remember it vividly — the doomsday prophets were everywhere. Every other LinkedIn post was written by a “GDPR consultant” ready to solve every imaginable issue, while the evening papers screamed:

“Is your company at risk of BILLION-DOLLAR FINES?”

Then it all faded. In the aftermath came Schrems I and Schrems II, which slipped by relatively quietly — at least compared to GDPR. We were all probably too busy with Clubhouse or the next big thing.

With that said, let’s shine some light on the story of Maximilian Schrems.

via GIPHY

What is Schrems II?

Schrems II refers to a set of data regulations officially known as C-311/18 (a ruling from the Court of Justice of the European Union) and named after Austrian activist and lawyer Maximilian Schrems.

It’s the classic David vs. Goliath tale — with Facebook as Goliath.

Simply put, Facebook’s business model depends on advertising revenue fueled by user data collection.

For over a decade, Maximilian (David) fought Facebook and the Irish Data Protection Commission (IDPC), arguing that Facebook’s Irish branch had no legal right to transfer his personal data to the U.S., where mass surveillance by the NSA directly violated EU data protection laws.

Fast-forward, and the case reached the Court of Justice of the European Union (CJEU) — which ruled in Schrems’ favor (!!!).

‍

The agreement that allowed U.S. companies to transfer EU data, Safe Harbour, was declared invalid — that was Schrems I.

In 2016, Safe Harbour was replaced by Privacy Shield (gotta love those patriotic names). It was meant to safeguard EU citizens’ privacy when transferring data to the U.S.

But Schrems wasn’t convinced — he saw Privacy Shield as the devil in disguise.

Why? Because U.S. companies only needed to self-certify compliance with Privacy Shield by informing the Department of Commerce — hardly reassuring.

Unsurprisingly, Schrems challenged it again, and the CJEU sided with him again.

Enter Schrems II, which made it illegal to transfer personal data from the EU to the U.S. unless another valid legal basis under GDPR exists.

If you know GDPR, you know third-country transfers are
 strict.

What does Schrems II mean in practice?

In short: If there isn’t a solid legal basis for transferring personal data to the U.S., it’s illegal — and the consequences are huge.

For many companies, Schrems II came seemingly out of nowhere, like a bolt from the blue. But this has been brewing for years, drawing attention from regulators, governments, and the EU itself.

‍

The issue now is that many companies are stuck in limbo. The tools and services they rely on may suddenly be non-compliant — and their hefty investments could become even costlier.

Messy, to say the least.

Warning bells are ringing

This year, the City of Stockholm announced it was halting its use of Microsoft 365 and other cloud services, calling the situation “problematic.” They even urged schools to look for alternatives.

In 2021, agencies like the Swedish Tax Agency and Enforcement Authority stopped using Skype and Microsoft Teams due to U.S. surveillance laws.

Personally, I’m glad to see Swedish authorities putting pressure on global tech giants. It shines a light on local alternatives — like us, and other Swedish providers.

‍

What can you do?

I see three options:

1. Accept reality and switch providers

Choose vendors that meet GDPR and Schrems II requirements. There are plenty of Swedish and European services that are just as good — if not better — than their American counterparts.

2. Ignore it and hope it goes away

Or as poet Thomas Gray wrote in Ode on a Distant Prospect of Eton College: “Ignorance is bliss.”

3. The “We’re too small for them to care” approach

Keep using non-compliant tools, strengthen Big Tech’s position, and undermine local alternatives.

Tips from the coach

  • Audit all the services you use
  • Check your providers’ data policies
  • Explore compliant alternatives
  • Bonus tip: Talk to peers in your industry — many are in the same boat
  • Switch providers if needed — you’ll sleep better at night

When looking for new services, start close to home. Swedish and European options are often just as good, if not better, than the American ones.

What about lynes and Schrems II?

We’re a Swedish company — founded, owned, and operated here. We love coffee and fika (especially princess cake). You’re welcome to join us for a cup — just bring the cake!

Since the Schrems II ruling, we’ve seen growing awareness among our customers — from the occasional question to several inquiries a week about how we handle data.

And that’s great! The more companies that understand this, the better.

By switching providers, businesses collectively push global giants to evolve — or fade away.

We’re often compared to Microsoft Teams, and recently the City of Stockholm stopped using Microsoft’s services altogether. The comparison isn’t entirely fair, though — our platforms differ quite a bit.

Here’s how:

  • We don’t lock you into one software suite. lynes integrates with several ecosystems, carriers, and operating systems.
  • We work seamlessly with Office 365 and Google Calendar
  • Compatible with major Swedish telecom operators
  • Runs on Windows, Mac, iOS, Android, web, and Linux
  • And yes — we store all our data securely in Sweden

You can read more about the differences between us and Microsoft Teams [here].

To get started, just pick your operator and suite — and you’re good to go. No lock-in, no hassle.

I truly hope more organizations follow in the footsteps of Sweden’s public agencies and start choosing tools based on security and functionality — not just what’s bundled “for free” in an Office suite.

Get in touch — let’s talk princess cake, Schrems II, and lynes.

‍

Written by

Burhan Kesapli

Denna karismatiska herre har ett sött smeknamn med mÄnga kalorier, Bullen. Bullen har en intensiv energiförbrukning under dagen och narkolepsi efter 21.30. Drömmer om att springa lÄngt pÄ höga höjder.

Contact us

Collaboration tool or a phone system? Lynes is both.

Lynes is not just a great collaboration tool for your business. Or a awesome phone system. Lynes are both. It allows you to hold video meetings, receive calls, chat with colleagues and customers and share documents - all in the same workflow.

A selection of our customers

Svensk fastisghetsförmedling logoSvensk fastisghetsförmedling logo
Renta logo Renta logo
SwedolSwedol
FastighetsbyrÄnFastighetsbyrÄn
Linköping UniversitetLinköping Universitet
GeberitGeberit
SkÄne MejerierSkÄne Mejerier
No items found.
No items found.
No items found.

Interested? Talk with us today.

The form only appears on the live page

The form only appears on the live page