From 1 January 2021 the United Kingdom will lose its automatic status as a safe destination for EU data when it falls outside of the EU’s legal jurisdiction. This will affect all EU data to be transferred to the UK (or any ‘third country’ that is not an EEA member.)

According to Phil Brown, a specialist lawyer at Conexus Law, it is doubtful that transfers from the EU to the UK will be compliant with GDPR following  court case in October which held UK law incompatible with EU law – and similarly no transfers to the US would be compliant following a judgement in July 2020 which rendered Privacy Shield invalid.

“This clearly poses a huge threat to international business and it is hard to see that it will be allowed to continue, although equally the contrasting views of Europe and the US as to data protection mean it is a difficult one to see resolved without wholesale legislative changes to either the European or US regimes. The UK is clearly more aligned with the rest of Europe, and so one would hope that the differences can be resolved swiftly and effectively but given the political implications of Brexit across Europe there remains a distinct lack of clarity,” comment Phil.

Phil has created a guidance paper on the subject which outlines the possible options for businesses and likely outcomes. This can be downloaded at: https://www.conexuslaw.com/insight/international-business-faces-post-brexit-data-threat-warns-legal-expert/