The U.K.'s new data protection clauses for international data transfer agreements, replacing former EU standard contractual clauses, are now in force. As of today, restricted data is subject to the U.K.’s transfer rules under its new regime, following the European Commission’s ruling that the post-Brexit data transfer standards adequately met those of the EU General Data Protection Regulation. The U.K. transfer rules broadly mirror EU GDPR rules. The U.K. government also maintained the ability to issue its own adequacy decisions with respect to transferring data to other third countries and international organizations. Editor's note: U.K. Department for Digital, Culture, Media and Sport International Data Transfers Deputy Director Joe Jones previously spoke with IAPP Vice President and Chief Knowledge Officer Caitlin Fennessy, CIPP/US, regarding U.K.'s plans for its new data transfer regime.
21 March 2022
UK's post-Brexit international data transfer agreement enters into force
Related stories
Notes from the IAPP Europe: Wrapping up November with the IAPP DPC
Ireland's DPC details legitimate interest prong of its LinkedIn enforcement action
What the new European Commission could mean for digital regulation
IAPP DPC 2024: Reynders discusses GDPR enforcement harmonization, adequacy developments
US Senate subcommittee ponders accountability for AI-assisted scams