From 1 January 2021 the United Kingdom will lose its automatic status as a safe destination for EU data when it falls outside of the EU’s legal jurisdiction. This will affect all EU data to be transferred to the UK (or any ‘third country’ that is not an EEA member.)
According to Phil Brown, a specialist lawyer at Conexus Law, it is doubtful that transfers from the EU to the UK will be compliant with GDPR following court case in October which held UK law incompatible with EU law – and similarly no transfers to the US would be compliant following a judgement in July 2020 which rendered Privacy Shield invalid.
“This clearly poses a huge threat to international business and it is hard to see that it will be allowed to continue, although equally the contrasting views of Europe and the US as to data protection mean it is a difficult one to see resolved without wholesale legislative changes to either the European or US regimes. The UK is clearly more aligned with the rest of Europe, and so one would hope that the differences can be resolved swiftly and effectively but given the political implications of Brexit across Europe there remains a distinct lack of clarity,” comment Phil.
Phil has created a guidance paper on the subject which outlines the possible options for businesses and likely outcomes.
HOW CAN CONEXUS LAW HELP?
Businesses and individuals will need legal advice to help them understand the risks they may face and the options that may be open to them.
We are available to assist in reviewing the laws in many jurisdictions across the world, and to review specific contracts. We are also available to provide practical, business-orientated advice on how to best protect yourself from the ongoing commercial effects of Covid-19.
For further advice on GDPR or pursing your contractual rights, please contact Philip Brown.
T: +44 (0)20 7390 0289
M: +44 (0)7887 538308