fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " Brexit "

EDPS issues note on data transfers following Brexit

On 16 July 2019, the European Data Protection Supervisor (EDPS) issued an information note on international data transfers after Brexit. 

The Note highlights that if the EU and the UK sign the withdrawal agreement before 1 November 2019, the data flows to the UK will not be immediately affected.  EU data protection laws (including the GDPR, the Law Enforcement Directive (EU)2016/680 and the ePrivacy Directive) will apply until 31 December 2020, with a maximum extension until 31 December 2022. 

However, in the case of a “no-deal” Brexit, EU data protection laws would not apply in the UK and starting from 1 November 2019 personal data transfers from EU institutions to companies in the UK must comply with the international data transfer requirements under Chapter V of GDPR.

Read the Note.

Data transfers as the Brexit clock counts down

Many business owners have spoken of their concern for the impact a “no deal” Brexit could have on personal data transfers between the EU and the UK.

However, some experts say that any adverse fallouts can be easily managed by the use of model clauses for data protection agreements.

Full article: Data transfers as the Brexit clock counts down

The future of the ePrivacy Regulation and the impact of Brexit on its application in UK

The European Parliament set out its position on the Regulation in October 2017. However, the Council of the EU, which is made up of ministers of the Member States, has not yet come to a position on the legislation.

The Regulation cannot be adopted until the Council of the EU has come to a position and the Council of the EU and the European Parliament have agreed on a text. It is likely that any adoption of the Regulation will not take place before 2020.

Full article: The future of the ePrivacy Regulation and the impact of Brexit on its application in UK – Privacy, Security and Information Law Fieldfisher

Inquiry launched into data use from no-deal Brexit ads on Facebook

The information commissioner’s office will use its legal powers to obtain information from Facebook about a secretive network of pro-Brexit advertising campaigns on the social network, following revelations about the involvement of Sir Lynton Crosby’s company in campaigns pushing for a hard no-deal Brexit.

The ICO will look at how any data, potentially including email addresses collected in the process of encouraging people to email their MP, is being handled.

Source: Inquiry launched into data use from no-deal Brexit ads on Facebook | Politics | The Guardian

After Brexit, the EU must decide if UK data protection is adequate

After Brexit the European Commission will decide whether the UK provides equivalent data protection standards to GDPR and other EU legislation.

The adequacy assessment is going to be a key test of the UK’s data privacy standards and achieving adequacy will be far from straightforward. The UK has committed to maintaining GDPR standards post-Brexit but this is not the whole picture for data protection compliance, and when it comes to the protection of fundamental rights there are difficult questions to be addressed.

Full article: After Brexit, the EU must decide if UK data protection is adequate

UK Issues Regulations on Post-Brexit Data Protection Law

Two sets of regulations aimed at readying UK data protection law for a post-Brexit world have been promulgated in recent weeks. These regulations, which were made pursuant to the EU (Withdrawal) Act 2018 (EUWA), will only come into force in most respects upon the UK’s withdrawal from the EU.

These regulations are intended to preserve the status quo post-Brexit by (1) amending certain provisions of the GDPR to allow it to be retained as UK domestic law and (2) transitionally adopting certain key decisions of the EU institutions that, collectively, would allow for the continued lawfulness of personal data flows out of the United Kingdom where currently permitted under EU law.

Source: UK Issues Regulations on Post-Brexit Data Protection Law

Extraterritorial Applicability of the UK Data Protection Act 2018 After Brexit

In the privacy world, the primary focus for most companies regarding Brexit to date has been on ensuring that data flows in and out of the UK (particularly data flows from the EU27 to the UK) can continue lawfully after that date.

But for companies operating across Europe, and indeed across the world, with establishments or customers in the UK, Brexit also has implications in terms of the applicability of the UK data protection framework to their operations.

Full article: Dark Side of the Moon: Extraterritorial Applicability of the UK Data Protection Act 2018 After Brexit

CNIL Publishes FAQs to Prepare for a No-Deal Brexit

On February 20, 2019, the French data protection authority published a set of questions and answers to specify the CNIL’s recommendations and steps that organizations should take to prepare for a no-deal Brexit.

Source: CNIL Publishes FAQs to Prepare for a No-Deal Brexit | Privacy & Information Security Law Blog

EIOPA publishes no deal Brexit insurance continuity plans

The European Insurance and Occupational Pensions Authority (EIOPA) has published recommendations for national EU insurance regulators, aimed at minimising disruption to policyholders should the UK leave the EU without a withdrawal agreement.

Source: EIOPA publishes no deal Brexit insurance continuity plans

EDPB releases information note in the event of a “No-deal Brexit”

On February 12, 2019, the European Data Protection Board (“EDPB”) published two information notes to highlight the impact of a so-called “No-deal Brexit” on data transfers under the EU General Data Protection Regulation (“GDPR”), as well as the impact on organizations that have selected the UK Information Commissioner (“ICO”) as their “lead supervisory authority” for their “Binding Corporate Rules” (“BCRs”).

Source: EDPB releases information note in the event of a “No-deal Brexit”

1 2 3 8
>