Personal data in a post Brexit UK
Andrew Kimble and Malcolm Dowden look at the impact of Brexit on information law and provide a case law update.
As well as providing for free trade in goods the EU-UK Brexit deal approved on 30 December brought some welcome clarity to the treatment of personal data now that UK GDPR is a wholly separate legal regime from EU GDPR.
In this session (recorded on 12 January 2021) we explored the practical implications of:
- The "grace period" of up to six months allowing transfers of personal data from the EU/EEA to UK.
- EU approval of new Standard Contract Clauses and the need for "additional measures" following the Schrems II ruling.
- Overseas' organisations' need for separate Article 27 representatives for EU/EEA and UK.
- Data subject rights and breach response under UK GDPR and GDPR. Is there a risk of double enforcement?
About the speakers
|
Andrew Kimble Andrew is a partner at Womble Dickinson specialising in all aspects of data protection and privacy work including data protection audits, data security incidents, cross-border data transfers, outsourcing arrangements, subject access requests, direct marketing and general data protection and freedom of information compliance. This email address is being protected from spambots. You need JavaScript enabled to view it. |
Malcolm Dowden Malcolm is a commercial and regulatory lawyer at Womble Dickinson with extensive experience of contractual regulatory and legislative drafting in the UK and other common law jurisdictions. This email address is being protected from spambots. You need JavaScript enabled to view it. |
