fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " Brexit "

The UK will have to renegotiate data protection relationships with EEA countries

UK government says that at the end of the transitional period, the EEA agreement will no longer be applicable and the UK will seek a new arrangement with the EEA countries Norway, Iceland and Liechtenstein.

The EU will start its assessment of the UK’s adequacy for international data transfers as soon as possible after Brexit. The UK is ready to start these assessments, the government says.

Source: The UK will have to renegotiate data protection relationships with EEA countries – Privacy Laws & Business

Government issues draft data protection legislation to deal with Brexit

The draft legislation, The data protection, privacy and electronic communications (amendments etc) (EU exit) regulations 2019, have been prepared to ensure that the UK data protection legal framework continues to function correctly after Brexit.

The instrument amends the Privacy and Electronic Communications Regulations 2003 (PECR), UK GDPR and the DP Act 2018.

Source: Government issues draft data protection legislation to deal with Brexit – Privacy Laws & Business

UK-to-UK data transfers impacted by ‘no deal’ Brexit

UK businesses that outsource the processing of personal data to UK supplier or which send data to other UK-based businesses in their group may need to update their contracts in the event of a ‘no deal’ Brexit to allow those data transfers to continue, a data protection law expert has said.

Full article: UK-to-UK data transfers impacted by ‘no deal’ Brexit

No-deal Brexit will block critical data transfers from EU

Despite bringing the General Data Protection Regulation (GDPR) into UK law in the form of the Data Protection Act 2018, leaving the EU without a deal in place means Britain will be, for a time, classed as a ‘third country’ until an adequacy agreement can be implemented.

This means that while some data can be transferred from the UK to European Economic Area (EEA) countries, something supported by the UK government, there will be a stop to all flow of personal information in the opposite direction until a data adequacy agreement comes into force, according to the ICO.

Full article: No-deal Brexit will block critical data transfers from EU, warns ICO | IT PRO

GDPR Brexit flowchart

This week has brought further uncertainty on the route to Brexit. The planned vote in the UK Parliament on the Withdrawal Agreement – intended to establish an orderly transition period for the UK to withdraw from the EU between 30 March 2019 and 31 December 2020 – has been postponed leaving considerable uncertainty as to next steps, including the prospect of a ‘hard’ departure on 30 March 2019 with ‘no deal’ in place.

DLA Piper have produced a GDPR Brexit flowchart which maps out the key data protection impacts for each of the political routes that may now follow, showing the likely timelines and implications of both the ‘deal’ and ‘no-deal’ scenarios, which we hope will be a useful tool in contingency planning through these uncertain and difficult times.

Full article: UK: GDPR Brexit flowchart

ICO advises companies on how to prepare for a possible no-deal Brexit

The ICO recommends steps that companies could take now to start preparing for data protection compliance if the UK leaves the EU on 29 March 2019 without a deal.

If the UK is currently your organisation’s lead supervisory authority, you should review the structure of your European operations to assess whether you will continue to be able to have a lead authority and benefit from the One-Stop-Shop, the ICO says.

Source: ICO advises companies on how to prepare for a possible no-deal Brexit – Privacy Laws & Business

Will the UK achieve adequacy after Brexit?

The status of U.K.-EU data flows post-Brexit has been the subject of speculation since the fateful vote was taken nearly two-and-a-half years ago. But with the prospect of the U.K. crashing out of the EU without an orderly withdrawal agreement growing ever-more realistic, concern is mounting.

Full article: Will the UK achieve adequacy after Brexit? Even the ICO isn’t so sure

Brexit and data protection – what’s new now?

EU leaders have signed off the withdrawal agreement between the UK and the EU, as well as the political declaration on the framework for the future relationship between the UK and the EU. The political declaration is an outline of what a future EU-UK trade agreement might look like. But the trade agreement has yet to be negotiated and that process won’t start until the UK has left the EU on 29th March 2019. If negotiations are quick (and successful) then the intention is that the future trade agreement between the EU and the UK would come into force at the end of the transition period (31st December 2020, but the transition period could be extended).

Full article: Brexit and data protection – what’s new now?

Timescale set for data protection ‘adequacy’ decision after Brexit

On Wednesday evening, the UK government and European Commission announced that the UK and EU27 countries had reached a draft agreement on the terms of the UK’s withdrawal from the EU. That draft agreement, which is still to be ratified by the UK parliament and EU27 member states, was published alongside a number of other documents, including an outline of the political declaration on the future EU-UK relationship.

According to the political declaration, the Commission will assess UK data protection standards on the basis of the EU’s “adequacy framework” with a view to adopting an “adequacy” decision by the end of 2020. Over the same period, the UK will take steps to ensure comparable facilitation of personal data flows to the Union.

Full article: BREXIT: timescale set for data protection ‘adequacy’ decision

>