The EU executive is assessing the UK data protection landscape as part of a “adequacy decision” to determine whether EU data can be safely transferred to the UK after Brexit. On 10 November 2020, the European Data Protection Committee published new guidelines on standard contractual clauses, which set out additional measures to address the deficiencies, along with the clauses mentioned in SCHREMS II. These complementary measures, which must be applied in combination with a standard contractual clause, provide a safe and internationally recognized mechanism for transmitting alternative data. We recommend that the Data Protection Delegate review these guidelines in detail in order to optimally prepare for a potential undequacyd scenario. The guidelines outline measures to be taken to define standard contractual clauses, potential sources of information and some examples of additional measures that could be taken. The United Kingdom has introduced draft legislation on the revision of the Data Protection Act (1998) in accordance with the RGPD. The Data Protection Act (2017) is currently under way in the British Parliament, which is due to be passed as law. This could help the UK make a decision on adequacy, as it shows, to some extent, that the UK is at the same level as the RGPD. Do you think the UK will benefit from adequacy status from the EC? In general, the Commission is examining whether a country outside the EU offers an adequate level of data protection. National (general and sectoral) law, international obligations, existing and functional obligations The supervisory authority (The Office of the Information Commissioner, ICO) will be reviewed. The UK Government believes that a “adequacy decision” should be easy to obtain, given that the RGPD is introduced into UK local law and the UK, as a former EU member state, has a long tradition of protecting personal data. According to the government, the UK data protection framework will be fully aligned with the RGPD when it leaves the EU.
However, there are some challenges: “Our report concludes that no adequacy decision has the potential to make a contribution that undermines the competitiveness of the UK`s key services and the digital technology sectors that have developed very strongly in recent years.