With the end of the Brexit transition period quickly approaching on 31 December 2020, the future of international data transfers between the UK and the European Union (EU) and European Economic Area (EEA) remains somewhat unclear.
As background, Article 44 of the General Data Protection Regulation (GDPR) prohibits the transfer of personal data from the EU/EEA to recipients in jurisdictions outside the EU/EEA, unless specific conditions are met. One such condition under the GDPR is an “adequacy decision” granted by the European Commission. If a third country is deemed adequate by the European Commission, the personal data can be transferred to that country without any additional safeguards being required.
Continue Reading The UK is preparing its adequacy decisions post Brexit