The U.K.'s new data protection clauses for international data transfer agreements, replacing former EU standard contractual clauses, are now in force. As of today, restricted data is subject to the U.K.’s transfer rules under its new regime, following the European Commission’s ruling that the post-Brexit data transfer standards adequately met those of the EU General Data Protection Regulation. The U.K. transfer rules broadly mirror EU GDPR rules. The U.K. government also maintained the ability to issue its own adequacy decisions with respect to transferring data to other third countries and international organizations. Editor's note: U.K. Department for Digital, Culture, Media and Sport International Data Transfers Deputy Director Joe Jones previously spoke with IAPP Vice President and Chief Knowledge Officer Caitlin Fennessy, CIPP/US, regarding U.K.'s plans for its new data transfer regime.
21 March 2022
UK's post-Brexit international data transfer agreement enters into force
RELATED STORIES
Privacy in Arkansas: Is Arkansas ready for a consumer privacy law?
A view from DC: CFPB calls for states to regulate financial privacy
Notes from the IAPP Canada: OPC's WADA investigation 'raises some interesting issues'
A view from Brussels: European Commission's new tech policy center of gravity
First fine imposed under Thailand's Personal Data Protection Act
