..."The need for an ad hoc assessment of the data protection compliance of each data transfer
The advocate general, Henrik Saugmandsgaard Øe, did consider the standard contractual clauses in line with the GDPR or, in general, with European legislation on the processing of personal data. But he believes that a case-by-case assessment is still necessary with each transfer of personal data on the existence of adequate protections concerning the data transferred. This issue is, therefore, not even a question on the compatibility of the foreign legislation with European legislation on the processing of personal data but an assessment of each data transfer.
If in the context of that assessment, the data controller, or the competent data protection authority, concludes that there is no such adequate protection, the data transfer must be suspended or prohibited."