European Commission: UK Adequately Protects EU Personal Data
The U.K. is providing adequate protection for personal data transferred from the EU, the European Commission said Tuesday, initiating the process to adopt a new adequacy decision.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
The EC said it assessed amendments to the U.K. General Data Protection Regulation and the U.K.’s Data Protection Act of 2018. The commission concluded that “the United Kingdom continues to ensure an adequate level of protection for personal data transferred within the scope of Regulation (EU) 2016/679 from the European Union to the United Kingdom.”
The commission said it analyzed whether the “foreign legal system as a whole delivers the required level of protection” through data-protection rights, effective implementation, supervision and enforcement.
IAPP Director of Research & Insights Joe Jones said the decision shows the EC isn’t insisting on “faithful replication” of the EU’s GDPR, and approval of the U.K.’s version shows the EC “might be taking some inspiration from the U.K. as part of its own ongoing work to revise the GDPR.”