How does Brexit affect data protection requirements?

With the vote to exit the EU nearly two years old and article 50 having been triggered in March 2017, how does Brexit affect our data protection requirements?

In this follow-up, to our earlier article on “GDPR are you ready?”, We will discuss the other effects of Brexit on GDPR.

If you recall in Article 1 we discussed; “But we are leaving the EU, why do we need to adopt this EU law?”; It still affects all UK organisations, as the GDPR not only applies to organisations located within the EU, but also apply to organisations located outside of the EU. The UK will also be adopting EU laws, through the UK Parliament’s data protection bill.”, do not forget that the whole premise of this regulation is about EU citizen’s rights.

As with the Data Protection Act, cross-border data transfers are heavily legislated by the GDPR. The basis is similar; when transferring data to countries outside the European Economic Area (EEA) you must make sure that either the country has adequate data protection laws or your organisation can ensure adequate protection of the data. These countries are usually decided upon by the way of an Adequacy Decision from the EU commission.

The  EEA is an area of Europe which provides for the free movement of persons, goods, services and capital within the European Single Market, as well as the freedom to choose residence in any country within this area.

Now that the UK government has clarified that it will not remain in the Single Market, this means that after Brexit data transfers to the UK from the twenty-seven remaining members of the EU will not automatically be authorised as they are at present. If the UK continues to adhere to GDPR standards, the EU Commission will issue an “adequacy decision” authorising transfers. So to maintain our ability to operate within the EU, we will need to abide by the General Data Protection Regulation.

 

How will Brexit affect GDPR?

Our be.GDPR product will help your organisations understanding of the General Data Protection Regulation and its’ application within the UK, during Brexit, post Brexit and beyond, as our modules benefit from being regularly updated to keep you on top of the latest interpretations.

Also recently published