Brexit changes to the data protection regime
Following the end of the Brexit transition period (which ended on 31 December 2020), the GDPR no longer applies in the UK. However, in real terms, there are few substantive changes to UK data protection law.
The Data Protection Act 2018 (as now amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019)), does now set up a separate regime under the ‘UK GDPR’ and makes certain administrative changes (for example, by substituting references to EU institutions with UK ones) to ensure the regime makes sense and remains functionally effective. However, the EU GDPR and the UK GDPR remain alike in substance.
Longer term, this will likely change. Whilst the UK government may not be considering any immediate legislative changes, the very fact that the UK courts and CJEU jurisprudence will inevitably diverge over time will have an impact. As such, businesses may wish to think carefully about how they define applicable data protection law in relevant contracts.
This is not to say that no immediate action is required and businesses should consider assessing how any changes uniquely affect them. For example, for multi-national businesses that currently rely upon Binding Corporate Rules, if the UK ICO was not the lead supervisory authority that issued their authorisation, an application to the UK ICO for a ‘UK BCR’ approval may be needed (by 31 June 2021). A review may also be needed to ensure that they meet UK (as well as EU) requirements.
One of the biggest potential impacts Brexit may have had to data protection law was that if a trade agreement had not been reached, the UK would no longer have automatically maintained uninterrupted data flows with the EU. Instead, the UK would have been a third country and businesses would have needed to consider relying upon SCCs (see our article above: Developments to the Standard Contractual Clauses) or some other lawful transfer mechanism. Thankfully, the announcement of the Brexit ‘Trade and Cooperation Agreement’ (the “Brexit Agreement”) has meant that this is not currently a concern. Under the Brexit Agreement the UK is given ‘pseudo’ adequacy for up to 4 months (extendable to 6 months unless one of the parties objects). If adequacy is not granted during this time, businesses may need to once again consider the need for SCCs etc. but this is, hopefully, unlikely.
For more information please contact Jonathan McDonald and Olivia Crane.
Our thinking
Natalie Batra
ITV takes the plunge and “couples up” with Ebay to dress love island contestants in pre-loved clothing
Grégoire Uldry
New Swiss succession law on the transfer of businesses
On 10 June 2022, the Federal Council adopted its Message amending the Civil Code on the transfer of businesses by succession.
Louise Paterson
Artnet quotes Louise Paterson on the Ivory Act
UK’s Ivory Act comes into force
Pei Li Kew
Pei Li Kew writes for Pharmacy Business on the link between pharmacy and IP
Pei Li Kew writes for Pharmacy Business on the link between pharmacy and IP
Jonathan McDonald
Announcement of a new Data Bill as part of the Queen's Speech
Jonathan McDonald
Jonathan McDonald provides comment for City AM on the Data Reform Bill announced in the Queen's Speech
Jonathan McDonald provides comment for City AM on the Data Reform Bill announced in the Queen's Speech
Nick White
Charles Russell Speechlys advises Symphony Holdings Limited on the sale of its PONY trade mark portfolio for USD $28 million
Charles Russell Speechlys advises Symphony Holdings Limited on the sale of its PONY trade mark portfolio for USD $28 million.
Simon Ridpath
Simon Ridpath featured in the Lawyer’s Hot 100 list
Simon Ridpath features in The Lawyer’s Hot 100 list
Natalie Batra
Patents and Peppa Pig: What is happening to intellectual property rights in Russia?
Certain Russian individuals and businesses can now use patents, utility models and industrial designs without obtaining prior permission.
Simon Green
International Bar Association quotes Simon Green on the future of the legal sector in Hong Kong
International Bar Association quote Simon Green on the future of Hong Kong's legal sector
Charlotte Duly
Charlotte Duly quoted in Retail Gazette on House of Zana trademark dispute
Charlotte Duly quoted in Retail Gazette on House of Zana trademark dispute
Caroline Greenwell
Nowhere to hide for greenwashing brands
In the UK, regulators are cracking down, with many companies now at risk of financial and other penalties.
Jamie Cartwright
Weighing up the Plastic Packaging Tax
The Plastic Packaging Tax came into force on 1 April 2022.
Jamie Cartwright
Crunching numbers - Mandatory calorie laws come into force
The Calorie Labelling (Out of Home Sector) (England) Regulations 2021 (the Regulations) are now in force.
Jody MacDonald
Liverpool FC’s Hero Club and the current state of play with football NFTs
Liverpool’s Hero Club hit the headlines this week and serves as an interesting reflection of the current state of play.
Rachel Bell
Rachel Bell commented in IT Pro on the implications of the proposed EU’s Digital Markets Act
The proposed EU’s Digital Markets Act is set to require larger messaging platforms to interoperate with their smaller rivals.
Quentin de la Bastide
Constructing a Blue-print for Electronic Execution – New Guidance from the Industry Working Group on the Electronic Execution of Documents
Sonia Kenawy
Claimant ordered to pay security for costs in cryptocurrency dispute and digital assets rejected as form of security
Proceedings that are sure to be watched closely by the cryptocurrency community as well as legal practitioners.
Stewart Hey
Freezing Orders: Policing the Nuclear Option (PT 2)
Looking at the impact these checks and balances have when it comes to drafting and construing the terms of the order.
Stewart Hey
Freezing Orders: Policing the Nuclear Option
This article considered some of the checks and balances that apply when seeking access to one of the law’s most potent weapons.