New UK data protection law proposals
This article was published in June 2022 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights.
-
-
Personal data export from the UK
This article was published in March 2022 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Quick answer. In February 2022 the UK published two alternative sets of contracts for exporting personal data from the UK to non-adequate countries: the International Data…
-
UK’s proposed new data protection law
This article was published in September 2021 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Quick answer. The UK government published proposals on 10 September 2021 to reform UK data protection law, using post‑Brexit freedom to set separate UK rules. The…
-
EU finds UK has adequate protections for personal data
This article was published in June 2021 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. On 28 June 2021, the EU Commission found that the UK provides adequate protection for personal data, enabling personal to freely flow from the EU (and…
-
Data Protection | EU | UK
Using the new EU standard clauses to enable cross-border data export
This article was published in June 2021 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Quick answer. From 27 June 2021 exporters of personal data from the EU to third countries could adopt the new EU Standard Contractual Clauses under Commission…
-
Europe progresses revised ePrivacy rules
EU progresses revised ePrivacy Regulation
-
Data export: EU provides more clarity after Schrems II
This article was published in November 2020 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Quick answer. The European Data Protection Board’s recommendations of 10 November 2020 set out a six‑step method for assessing whether personal data can be transferred outside…
-
EDPB guidance on ‘supplemental measures’ for data export
This article was published in November 2020 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. On 10 November, the European Data Protection Board adopted a recommendation on supplemental measures which might be used to ensure compliance with the EU level of…
-
European Data Protection Board releases updated data controller / date processor guidance for comment
This article was published in September 2020 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Quick answer. The European Data Protection Board’s updated guidance of 7 September 2020 refined the tests for distinguishing controllers from processors under GDPR Articles 4, 24,…
-
EU and US start work on enhanced Privacy Shield: Mr Schrems to be persuaded…
This article was published in August 2020 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Quick answer. The EU Commission and US Department of Commerce announced on 10 August 2020 that they had started talks on a successor to the invalidated…
-
Exporting data from the EU after Schrems II: what to do now
This article was published in July 2020 and reflects the regulatory position at that time. For current guidance on this topic, contact Bratby Law or see our latest insights. Quick answer. After Schrems II, exporters of personal data from the EU to the US and other third countries must rely on an alternative Article 46…
-
European Court invalidates US Privacy Shield and questions blanket use of Standard Contractual Clauses
Schrems II disrupts data export from EU: on 16 July 2020, the European Court of Justice decided, overturning the 2016 Privacy Shield Decision of the European Commission, that the US Privacy Shield did not, and does not, provide an adequate level of protection for the transfer of personal data from the EU to the US.
