| Author (Person) | Meyers, Zach, Mortera-Martinez, Camino |
|---|---|
| Publisher | Centre for European Reform (CER) |
| Series Title | CER Insight |
| Publication Date | November 2021 |
| Content Type | Research Paper |
|
Summary: European and British businesses can still freely transfer personal data between the EU and UK. The British government retained the EU’s General Data Protection Regulation (GDPR) in domestic law, and said it would continue to allow free data transfers to the EU. And the European Commission decided that the UK would continue to provide an adequate level of protection of personal data, thereby allowing data flows to continue without any new safeguards. There are three scenarios, any one of which could kill the EU’s adequacy decision: the European Court of Justice (ECJ) ruling that the UK’s intelligence gathering should have prevented the Commission granting adequacy; the Commission choosing to withdraw adequacy because the UK diverges too far from the GDPR in the future; or the UK unilaterally deciding to allow seamless transfers between the UK and third countries, which would probably compel the Commission to revoke the adequacy decision. Navigating these risks is likely to become increasingly politically costly for the UK government. The question is not if smooth data transfers will end, but rather when, and how. |
|
| Source Link |
Link to Main Source
https://www.cer.eu/insights/three-deaths-eu-uk-data-adequacy
Alternative sources
|
| Related Links |
|
| Subject Categories | Economic and Financial Affairs, Trade |
| Subject Tags | Brexit, EU Law, Fundamental | Human Rights |
| Keywords | Data Privacy | Protection, Post-Brexit |
| Countries / Regions | United Kingdom |
| International Organisations | European Union [EU] |
