Data protection: UK gets data flow deal from EU

A deal has been reached to allow data-flows between the UK and EU, for now

Personal data can continue to flow freely between Europe and the UK following an agreement by the European Union to adopt ‘data adequacy’ decisions.

The Commission has adopted two adequacy decisions for the UK - one under the General Data Protection Regulation (GDPR) and the other for the Law Enforcement Directive. The adequacy decisions also facilitate the correct implementation of the EU-UK Trade and Cooperation Agreement, which foresees the exchange of personal information, for example for cooperation on judicial matters. Both adequacy decisions include strong safeguards in case of future divergence such as a ‘sunset clause', which limits the duration of adequacy to four years. 

Secretary of State for Digital Oliver Dowden said: “After more than a year of constructive talks it is right the European Union has formally recognised the UK’s high data protection standards. This will be welcome news to businesses, support continued cooperation between the UK and the EU and help law enforcement authorities keep people safe.”

“We will now focus on unlocking the power of data to drive innovation and boost the economy while making sure we protect people’s safety and privacy.”

 

Adequate levels of data protection

 

After the sunset clause runs out, the adequacy findings might be renewed, however, the Commission said this would only happen if the UK continues to ensure an adequate level of data protection. During these four years, the Commission will continue to monitor the legal situation in the UK and could intervene at any point, if the UK deviates from the level of protection currently in place. Should the Commission decide to renew the adequacy finding, the adoption process would start again.

Didier Reynders, Commissioner for Justice, said: “After months of careful assessments, today we can give EU citizens certainty that their personal data will be protected when it is transferred to the UK. This is an essential component of our new relationship with the UK. It is important for smooth trade and the effective fight against crime. The Commission will be closely monitoring how the UK system evolves in the future and we have reinforced our decisions to allow for this and for an intervention if needed. The EU has the highest standards when it comes to personal data protection and these must not be compromised when personal data is transferred abroad.”

Share

Featured Articles

Energy crisis posing threat to IT companies' sustainability

A staggering 79% of IT decision-makers believe that the current energy crisis will have a knock-on effect on their net zero sustainability strategies

Data backup gives way to data protection and cybersecurity

Data backup is no longer just about operational fallback, new research has revealed. Instead, businesses need to consider it a new kind of cybersecurity

Rich investors drawn to digital assets despite crypto crash

The world’s wealthiest people are sold on the concept of digital assets, as a new survey shows they are being used to construct more resilient portfolios

Five minutes with: Katie Nykanen, Group CTO at QA

Digital Transformation

Big business bets on real-time data and event-streaming tech

Data & Data Analytics

Mind your language: Is NLP a natural fit for the Metaverse?

AI & Machine Learning