The U.K.'s new data protection clauses for international data transfer agreements, replacing former EU standard contractual clauses, are now in force. As of today, restricted data is subject to the U.K.’s transfer rules under its new regime, following the European Commission’s ruling that the post-Brexit data transfer standards adequately met those of the EU General Data Protection Regulation. The U.K. transfer rules broadly mirror EU GDPR rules. The U.K. government also maintained the ability to issue its own adequacy decisions with respect to transferring data to other third countries and international organizations. Editor's note: U.K. Department for Digital, Culture, Media and Sport International Data Transfers Deputy Director Joe Jones previously spoke with IAPP Vice President and Chief Knowledge Officer Caitlin Fennessy, CIPP/US, regarding U.K.'s plans for its new data transfer regime.
21 March 2022
UK's post-Brexit international data transfer agreement enters into force
Related stories
A view from Brussels: Putting AI to the test on EU privacy, data protection developments
Why organizations should prioritize employee data protection to combat spear phishing
Notes from the Asia-Pacific region: Santa's on his way, bringing guidance from Singapore's PDPC, adoption of Vietnam's Data Law and more
EDPB weighs in on key questions on personal data in AI models
New tools aim to improve data activity monitoring, compliance efficiency
