UK Privacy Laws Pass First EU Hurdle
The European Commission has published its draft UK 'adequacy decisions', which if adopted will allow for the continued free flow of personal data from the EU into the UK.
Before Brexit, the UK was part of the EU's General Data Protection Regulation (GDPR), which meant that its data privacy laws were in line with the bloc's standards. The UK's Trade and Cooperation Agreement (TCA) contains a provision that allows personal data to continue to flow unimpeded from the EU to the UK until a longer-term deal is agreed. If no agreement has been found by the end of June, UK businesses will have to find alternative ways to legally import and process the personal information of EU citizens.
Now that the UK has left the EU, European regulators will decide whether they think the UK's data privacy laws are rigorous enough to protect the personal information of EU citizens - known as an adequacy decision. Draft adequacy decisions are now with the European Data Protection Board (EDPB), which will deliver an opinion to the European Commission and representatives from the EU member states. During this process, UK businesses and public authorities will continue to be able to receive data from the EU under the 'adequacy bridge' agreed in the 2020 TCA.
Information Commissioner, Elizabeth Denham comments: 'The draft adequacy decisions are an important milestone in securing continued frictionless data transfers from the EU to the UK. Today's announcement gets us a step closer to having a clear picture for organisations processing personal data from the EU and I welcome the progress that has been made'.
Web site: www.ico.org.uk .