This paper by Rachel Masterton seeks to evaluate the additional obligations of the GDPR that will live on in the U.K. beyond its departure from the EU and what the U.K. government could do to relieve some of those requirements. Reviewing case law surrounding data transfers, it addresses the key messages from such judgments and their impact on processing going forward. It also draws on the musings of thought leaders in the arena of data protection and attempts to provide direction to the deliberations of organizations for which due regard to GDPR will remain a key part of governance come March 2019. (May 2018)
Leaving the EU: the data protection implications of a ‘Hard Brexit’ for UK businesses with EU data flows and clients
Related Stories
Brexit
This topic page contains a curation of the IAPP's coverage, analysis and relevant resources covering Brexit....
Preparing for a Brexit without agreement: What questions? What advice from the CNIL?
This guide from the Commission Nationale de l'Informatique et des Libertés, the CNIL, answers a series of questions about their recommendations and steps for French organizations to follow in the event of a "no-deal" Brexit to ensure data transfer to the U.K. is GDPR compliant.
Click To View...
EDPB note: Data transfers, the GDPR and no-deal Brexit
This note from the European Data Protection Board outlines the steps organizations need to take to prepare for a "no-deal" Brexit, as well as the different data transfer instruments organizations can use to ensure data transfers from the EEA to the U.K. are compliant under the GDPR.
Click To View (...
How will personal data continue to flow after Brexit?
This guide from U.K. Information Commissioner Elizabeth Denham looks at five "no-deal" Brexit myths for small- and medium-sized businesses transferring personal data to and from the EEA.
Click To View...
Brexit: Data Protection and Transfers, if “No Deal”
Take a look at this IAPP infographic to learn more about where to focus your efforts in the case of a “no deal” Brexit....