Locks and Security News: your weekly locks and security industry newsletter
17th April 2024 Issue no. 701

Your industry news - first

We strongly recommend viewing Locks and Security News full size in your web browser. Click our masthead above to visit our website version.

Brexit should not affect UK to EEA data flows

On the news that Google is planning to move its UK users' data from the EU's control to US jurisdiction, Toni Vitale, partner and head of data protection, JMW Solicitors, says that Brexit should not affect UK to EEA data flows:

"Both the UK and EU hope to complete the adequacy decision process (to satisfy that there is an adequate level of data protection) within the Brexit transition period.

" Infringements of the EU GDPR's requirements for transferring personal data to third countries or international organisations are subject to the higher level of administrative fines: up to €20 million or 4% of annual global turnover - whichever is greater. Organisations that process EU residents' personal data should therefore put measures in place to ensure they continue to comply with the law after 31 December 2020 in case no adequacy decision is reached but moving their data to another jurisdiction is not necessary and may be too drastic an option.

"The UK wants the free and unhindered flow of data between the EU and the UK to continue, as it believes it is crucial for the economy. Although an adequacy decision would enable this, the UK has argued that the adequacy approach 'would not reflect the breadth and depth of the UK-EU relationship'. One option previously considered is something more bespoke than adequacy. This bilateral treaty would encompass mutual recognition of data protection standards and would have status in international law.

"The UK intends to recognise the EU's data protection system as adequate, even in a no-deal scenario, which means that Brexit should not affect UK to EEA data flows."

26th February 2020