BRUSSELS: The European Commission on Monday said it had adopted decisions allowing Europeans’ data to keep flowing to Britain, satisfied that protections had so far not been affected by Brexit.
London’s “legal regime of protecting personal data is as it was,” the commission vice president in charge of transparency, Vera Jourova, said in a statement.
“We have significant safeguards and if anything changes on the UK side, we will intervene,” she said.
The two decisions, on the EU’s GDPR (General Data Protection Regulation) rules on personal data protection and on a law enforcement directive, mean that personal data collected in the EU and going to Britain “benefits from an essentially equivalent level of protection to that guaranteed under EU law”.
The decisions will notably ensure that British-based companies reliant on EU citizens’ data can continue to operate.
A post-Brexit transition period leaving rules on data flows unchanged was to run out at the end of June.
The EU decisions, however, came with a few riders. For one, there is a “sunset clause” limiting the adequacy agreement to four years. And should Britain at any time deviate from the GDPR, “the commission can decide at any point in time to suspend, to terminate or to amend the decision,” a commission spokesman told journalists.
Also, personal data related to immigration control is excluded from the overall agreement, in light of a British court decision a month ago ruling that restrictions imposed by the GDPR in that area were incompatible with UK law.
“The EU has the highest standards when it comes to personal data protection and these must not be compromised when personal data is transferred abroad,” EU justice commissioner Didier Reynders said.
Comments
Comments are closed.