Data Protection and Brexit – what's the plan?
30 - 05 - 2019
Data Protection and Privacy
In a speech given by the ICO Deputy Commissioner (Policy), Steve Wood, at the nineth European Data Protection Days conference in Berlin on 20 May 2019, he said:
“At some point our relationship with Europe and the way that we interact with our DP partners will change. We know that. What we don’t know yet is what precisely these changes will be.”
So a senior officer at our very own Data Protection Authority reminding his peers (and us) that we still do not know what sort of data protection relationship we will have with our existing EU partners six months from now. More worryingly, there is still uncertainty over data transfers between the UK and the EEA if we leave without a deal, a prospect that, perhaps more than ever, cannot be discounted.
Are tech businesses which process personal data, some coming from or going to the EU, aware of this? The UK has unilaterally accepted that data transferred from an EEA territory will be good enough for us, as yet there has been no reciprocal move from the EU. We will be a “third country”, without a regime in place to recognise the sufficiency of the UK’s data protection regime which the relevant European bodies have said many times that they will only consider after Brexit has already happened. In our opinion, that would seem to be a political move rather than one which looks to ensure that individuals’ personal data is protected.