The U.K.'s new data protection clauses for international data transfer agreements, replacing former EU standard contractual clauses, are now in force. As of today, restricted data is subject to the U.K.’s transfer rules under its new regime, following the European Commission’s ruling that the post-Brexit data transfer standards adequately met those of the EU General Data Protection Regulation. The U.K. transfer rules broadly mirror EU GDPR rules. The U.K. government also maintained the ability to issue its own adequacy decisions with respect to transferring data to other third countries and international organizations. Editor's note: U.K. Department for Digital, Culture, Media and Sport International Data Transfers Deputy Director Joe Jones previously spoke with IAPP Vice President and Chief Knowledge Officer Caitlin Fennessy, CIPP/US, regarding U.K.'s plans for its new data transfer regime.
21 March 2022
UK's post-Brexit international data transfer agreement enters into force
Related stories
Notes from the IAPP Canada: AI, collaboration, deidentification on privacy pros' minds
A view from DC: Nontariff barriers in the spotlight
A dilemma of distrust: How data governance and privacy can rebuild customer confidences
A view from Brussels: What is and isn't in the EU's AI Continent Action Plan
Notes from the Asia-Pacific region: Regulatory developments in China, Hong Kong
