Schrems III Is Coming. Do Not Bet Your AI Pipeline on an Adequacy Decision
The 29 June 2026 Supreme Court ruling on FTC independence knocked out a load-bearing pillar of the EU-US Data Privacy Framework. Owned, in-territory inference is the hedge that survives whatever the CJEU decides.
By Micky Irons, founder and CEO, Mickai
On 29 June 2026 the US Supreme Court decided Trump v. Slaughter. By six to three it held that the statutory for-cause protection shielding Federal Trade Commission commissioners from removal at the President's pleasure is unconstitutional, and in doing so it overruled Humphrey's Executor, a precedent that had stood since 1935. The headlines framed it as a story about the American administrative state. For anyone moving personal data across the Atlantic, it is something else entirely. It is the moment a load-bearing pillar of the EU-US Data Privacy Framework quietly cracked.
The next day, 30 June 2026, noyb wrote to the European Commission. Max Schrems pointed out the obvious thing the ruling exposes. The Commission's adequacy decision leans on the FTC hundreds of times as an independent enforcement body for privacy obligations. If FTC commissioners now serve at the will of the President, that independence is no longer guaranteed, and the factual basis the Commission relied on to declare US protection "essentially equivalent" to EU law starts to look shaky. noyb has asked Brussels to plan an orderly wind-down rather than wait to be told to by a court, and has signalled it will litigate if the Commission sits still. A preliminary opinion out of Luxembourg is plausible by late 2026 or early 2027.
If you have seen this film before, that is because you have. Twice.
Two frameworks are already dead. This is the third act
Safe Harbour fell in 2015 when the Court of Justice ruled in Schrems I that it did not adequately protect Europeans from US surveillance. Its replacement, Privacy Shield, fell in 2020 in Schrems II for essentially the same reason. Each time, thousands of businesses that had built data flows on the assumption of a stable adequacy decision woke up to find the legal ground gone from under them, scrambling for standard contractual clauses, transfer impact assessments and supplementary measures that may or may not have held up.
The Data Privacy Framework, adopted in 2023, is the third attempt. It survived its first judicial challenge in 2024. What it has not survived intact is the removal of the very oversight architecture the Commission cited as proof of independent enforcement. noyb is also questioning the Data Protection Review Court created under Executive Order 14086 and the Privacy and Civil Liberties Oversight Board, both of which sit on similarly contested constitutional ground. When the scaffolding an adequacy decision is built on gets pulled out one beam at a time, the pattern is not hard to read.
We are not predicting the outcome of Schrems III. We are pointing out that you should not be predicting it either, and you certainly should not be architecting a production AI pipeline around a guess.
Why this lands harder on AI than on any prior data flow
In 2015 and 2020, the transatlantic data at risk was mostly storage and analytics. Customer records sitting in a US data centre. Marketing telemetry. CRM syncs. Painful to unwind, but bounded.
An AI pipeline is a different animal. When you send a prompt to a US-hosted model, you are transferring personal data on every single inference call, in real time, at volume, often including the most sensitive categories your organisation touches. A clinician drafting notes. A caseworker summarising a vulnerable person's file. A compliance analyst pasting a transaction narrative. Every one of those is a transfer of personal data to a US processor, and every one of them is exposed to the same adequacy question that took down Safe Harbour and Privacy Shield.
If the Data Privacy Framework is invalidated, the fallback for most organisations is standard contractual clauses plus a transfer impact assessment. But the whole problem Schrems II identified was that SCCs cannot paper over US surveillance law that grants government access regardless of what two private parties agree in a contract. The same logic that undercuts the adequacy decision undercuts the fallback. You do not get to keep your US inference provider by signing a stronger form. You get to keep it by hoping nobody enforces the point.
That is not a compliance posture. That is a bet.
The hedge is not a better contract. It is a different architecture
Here is the shift in thinking that actually removes the exposure. The transfer risk exists because personal data leaves your control and crosses a border to a processor governed by foreign surveillance law. Remove the transfer and you remove the risk, entirely, permanently, and independently of whatever the CJEU decides in 2027.
That is what a Sovereign Intelligence Operating System is for. Mickai is a SIOS: a full AI operating environment that a regulated organisation owns and runs inside its own walls, in its own jurisdiction, air-gapped where it needs to be, with a cryptographically signed audit record on every action. The model weights sit on your hardware. The inference happens in your data centre, in your country. No prompt leaves the building. There is no transfer to assess, no adequacy decision to depend on, no third framework to pray survives its day in Luxembourg.
Notice what this does to your risk register. Under the cloud-processor model, your legal certainty is a function of American constitutional law, Commission politics and CJEU timing, none of which you control. Under owned, in-territory inference, your data protection posture is a function of your own infrastructure, which you control completely. You are not hoping the framework holds. You have removed the framework from the critical path.
We are honest about the market this sits in. Almost every regime, GDPR included, permits cloud processing with the right controls. Most organisations are not legally barred from using a US model, and we will not tell you they are. The genuine no-cloud bar is workload-specific: classified material, ITAR-controlled data, isolated operational technology, cases where a data protection impact assessment comes back negative. For everyone else the case for sovereignty is preference, not prohibition: control over your own data, protection against exfiltration, cost predictability, and freedom from exactly this kind of framework whiplash. Schrems III does not change whether cloud is legal. It changes how comfortable a serious DPO should be betting a live pipeline on a decision that has already been reversed twice.
What a data protection officer should do this quarter
Map your transfers first. Every AI feature that sends a prompt to a US-hosted model is a transatlantic transfer of personal data. Most organisations have more of these than they think, because inference got embedded into products faster than data protection teams could inventory it.
Then triage by sensitivity. Special-category data, anything covered by professional confidentiality, anything about children or vulnerable people. Those are the workloads where an adequacy invalidation turns into an enforcement problem overnight, and those are the workloads to move in-territory first.
Then choose your hedge deliberately. You can wait, keep your US provider, and hope Schrems III lands your way. Or you can move the sensitive inference onto infrastructure you own, where the transfer question never arises. The first option is cheaper this quarter and hostage to a court for the next three years. The second is a one-time architectural decision that makes the whole question moot. Our 104 filed UK patent applications, spanning around 2,340 claims across 13 families, cover the sealed inference, signed-audit and sovereign-deployment machinery that makes the second option real rather than aspirational.
We have written more on how this fits together in the Sovereign Intelligence Operating System explained and on why we treat data residency as an architecture decision, not a checkbox. If you are weighing this against a hyperscaler contract, our piece on owned inference versus cloud AI for regulated organisations walks through the trade in detail.
The takeaway
Two adequacy frameworks have already been struck down. The third has just lost the independent-enforcement pillar the Commission cited to justify it, and the people who took down the first two are back in front of the Commission with a letter and a plan. You do not have to know how Schrems III ends to make the right decision now. You have to stop making legal certainty for your most sensitive AI workloads depend on a ruling you cannot influence and cannot predict. Own the inference, keep the data in territory, and let the CJEU decide whatever it decides. Your pipeline will not notice.
Frequently asked questions
What is Schrems III?
It is the widely used label for the anticipated third legal challenge to the mechanism that lets personal data flow from the EU to the US. The first two challenges, brought by Max Schrems and later his organisation noyb, struck down Safe Harbour in 2015 and Privacy Shield in 2020. Following the US Supreme Court's 29 June 2026 ruling in Trump v. Slaughter, which removed the independence protection for FTC commissioners, noyb wrote to the European Commission on 30 June 2026 signalling a fresh challenge to the current EU-US Data Privacy Framework. A preliminary opinion from the Court of Justice is considered plausible in late 2026 or early 2027.
If the Data Privacy Framework is invalidated, can I just fall back on standard contractual clauses?
Only up to a point. Schrems II established that contractual clauses cannot override US surveillance law that permits government access to data regardless of private agreements. The same reasoning that threatens the adequacy decision also weakens the SCC fallback for US transfers, because the underlying problem is the legal environment the data lands in, not the paperwork governing it. SCCs are not a reliable substitute for keeping the data out of scope in the first place.
Does owning my inference actually remove the transfer risk?
Yes, because the risk is created by personal data crossing a border to a foreign processor. If inference runs on hardware you own, in your own jurisdiction, no personal data is transferred to a US processor, so there is no transfer to assess and no adequacy decision to rely on. That is why we describe in-territory inference as the hedge that survives whatever the CJEU decides. It takes the framework out of your critical path entirely.
Are regulated organisations legally barred from using US cloud AI?
No, and we will not tell you otherwise. GDPR and almost every sector regime permit cloud processing with appropriate controls. The genuine no-cloud bar applies to specific workloads such as classified, ITAR-controlled or isolated operational-technology data, or where a data protection impact assessment comes back negative. For most organisations the case for owned, sovereign AI rests on control, exfiltration risk, cost and resilience against exactly this kind of framework instability, not on a blanket legal prohibition.


