The U.K.'s new data protection clauses for international data transfer agreements, replacing former EU standard contractual clauses, are now in force. As of today, restricted data is subject to the U.K.’s transfer rules under its new regime, following the European Commission’s ruling that the post-Brexit data transfer standards adequately met those of the EU General Data Protection Regulation. The U.K. transfer rules broadly mirror EU GDPR rules. The U.K. government also maintained the ability to issue its own adequacy decisions with respect to transferring data to other third countries and international organizations. Editor's note: U.K. Department for Digital, Culture, Media and Sport International Data Transfers Deputy Director Joe Jones previously spoke with IAPP Vice President and Chief Knowledge Officer Caitlin Fennessy, CIPP/US, regarding U.K.'s plans for its new data transfer regime.
21 March 2022
UK's post-Brexit international data transfer agreement enters into force
Related stories
A view from DC: US Senate hearing gives a preview of AI on Cruz control
New York State of Mind: A discussion with NYC Chief Privacy Officer Michael Fitzpatrick
Notes from the IAPP Canada: Building momentum during Privacy Awareness Week
Notes from the Asia-Pacific region: OPC releases draft guidance on Privacy Act amendment
A view from Brussels: From coal and steel in 1950, to cybersecurity and AI in 2025
