The US Privacy Shield & Brexit
What will Happen Regarding Data Transfers with the US?
Whilst many business are thinking about what will happen regarding Brexit and the continued lawful transfer of personal data with Europe, consideration also needs to be given as to how the UK will ensure that transfers of personal data can continue with the United States of America. You would be surprised as to what makes its way to the US and back to the UK.
What are the Existing Agreements in Place?
The EU–US Privacy Shield is a framework for regulating transatlantic exchanges of personal data for commercial purposes between the European Union and the United States. One of its purposes is to enable US companies to easily receive personal data from EU entities under EU privacy laws, meant to protect European Union citizens.
Privacy Shield Advice to US Organisations
Guidance has been issued by the Privacy Shield advising participants to apply the appropriate recommendations in order to continue transferring data to the UK. To view this statement in full please visit: www.privacyshield.gov/article?id=Privacy-Shield-and-the-UK-FAQs.
In order to receive personal data from the UK relying on the Privacy Shield, participants must update their Privacy Shield commitments by the Applicable Date, depending on how the UK and the EU implement the withdrawal. The Applicable Date will either be March 29 2019 if there is no Transition Period or December 31 2020 if there is a Transition Period.
It is therefore vital that all organisations wishing to transfer personal data between the UK and the US review their current practices and consider how the forthcoming requirements will impact upon future personal data transfers, post-Brexit.