UK-US Data Bridge
16 July 2024
Webinar
Overview
Progress report: How the UK-US Data Bridge is simplifying legal data transfers
Time and Date: 16.00 BST, Tuesday 16 July 2024
Duration: 90 mins
Location: Online
CPE Credits: 1.5
The problems of transferring personal data from the UK and the EU to the United States are well known, because of the USA’s patchwork of federal, state and sectoral privacy laws.
The UK’s provision for overcoming this obstacle is the UK-US Data Bridge, which entered into force on 12 October 2023. But what is it, how does it work in practice and how does compare it with the similar EU provision?
In this webinar, you will learn:
- How the UK Government’s analysis of the US Data Privacy Framework can be used for Transfer Risk Assessments to the USA for an International Data Transfer Agreement or Addendum transfer.
- What questions have been reported to the ICO’s Helpline, so you can learn from this experience on implementation.
- The safeguards needed for data transfers and other action points.
- The steps you should to take, or avoid, when transferring personal data from the UK to the US.
- The differences between the UK-US Data Bridge and the EU-US Adequacy decision, adopted on 10 July 2023.
- Whether the US Privacy and Civil Liberties Oversight Board has been active dealing with cases or is merely available if necessary.
- The implications for the UK-US Data Bridge of President Joe Biden’s Executive Order, signed on 28 February 2024. For example, he referred to the Children’s Online Privacy Protection Act and international transfers of personal data. But does the Executive Order make a difference in practice?
- How the ICO is engaging with other regulatory bodies both with other national regulators and at EU level on international data flows.
Speakers:
- Emma Bate, Legal Director, Information Commissioner’s Office, UK
- Kitty Rosser, Principal Lawyer (Legal Advice), Information Commissioner’s Office, UK
- Travis Leblanc, Board Member, US Privacy and Civil Liberties Oversight Board, USA
- Clayton Northouse, Partner, Latham & Watkins, USA
Chair: Fiona Maclean, Partner, Latham & Watkins, UK
Host: Stewart Dresner, Founder and Chief Executive, Privacy Laws & Business
Speakers
-
Emma Bate
Legal Director, Information Commissioner’s Office, UK
Emma is a Legal Director at the Information Commissioner’s Office, overseeing the Data Privacy Advice and Contracts and Compliance legal teams.
She joined the ICO in 2017 from private practice where she had practiced as a data protection lawyer for 20 years. Emma often complains that her work is always interesting, important, and urgent! She supported the development of the ICO Sandbox, leads the ICO’s legal work on international transfers, and advised on ICO’s approach to controllers, processors and joint controllers for AI, cloud and other complex technology solutions.
-
Kitty Rosser
Principal Lawyer (Legal Advice), Information Commissioner’s Office, UK
Kitty is a Principal Lawyer at the Information Commissioner’s Office, working within the Data Privacy Advice team.
Kitty joined the ICO in 2023, having spent 15 years advising on data protection matters as a lawyer in private practice. Since joining the ICO, the focus of her work has been on international transfers under the UK GDPR and Part 3.
-
Travis Leblanc
Board Member, Privacy and Civil Liberties Oversight Board, USA
Travis LeBlanc is global co-chair of the cyber/data/privacy practice at Cooley LLP in Washington, D.C. and San Francisco. He is also a Presidentially-nominated and Senate-confirmed Member of the U.S. Privacy and Civil Liberties Oversight Board. LeBlanc was previously the Federal Communications Commission’s Enforcement Bureau Chief and earlier served as senior advisor to California Attorney General Kamala Harris, where he oversaw California’s complex litigation and policy in areas such as high-tech crime, cybersecurity, and privacy. He also worked in the U.S. Department of Justice’s Office of Legal Counsel and was appointed in 2017 as an arbitrator of disputes under the EU-U.S. Privacy Shield Framework. He currently serves on the boards of the International Association of Privacy Professionals (IAPP), Center for Democracy & Technology (CDT) and the advisory boards of the Electronic Privacy Information Center (EPIC), The Future of Privacy Forum (FPF), and Center for Information Technology Policy (CITP). A.B., Princeton University; M.P.A., Harvard University; J.D., Yale Law School; LL.M., University of Cambridge.
-
Clayton Northouse
Partner, Latham & Watkins, USA
Clayton Northouse counsels clients on transactional, regulatory, and litigation matters relating to global data protection, cybersecurity and consumer privacy, including:
- Transactional due diligence
- Incident response
- Surveillance and information sharing
- Cross-border data transfers
- Regulatory compliance with the EU GDPR, the CCPA, and other US state, federal, and global requirements
- Governance policies and procedures
- State attorneys general, FCC, FTC, and congressional investigations
He draws on extensive experience representing companies that have suffered cybersecurity attacks and consumer privacy incidents to craft defenses to litigation, congressional inquiries, and regulatory investigations.
-
Fiona Maclean
Partner, Latham & Watkins, UK
Fiona Maclean advises a diverse range of clients—from start-ups to technology giants and leading financial institutions—on data privacy compliance and technology transactions, with a particular focus on AI, cloud computing and data strategy.
As a “pioneering technology lawyer, sitting at the nexus of data and regulation” (The Lawyer, Hot 100), Ms. Maclean brings a unique cross-section of knowledge and experience spanning data, technology, IP and commercial contracts, to help clients navigate complex, multi-jurisdictional transactions within the broader framework of data privacy laws. She has an intricate understanding of the cutting-edge technologies that are transforming the market and unique industry insight into the design, manufacture and commercialization of these technologies.
As a Vice Chair of Latham’s global Technology Industry Group and a member of Latham’s AI Task Force, Ms. Maclean has been leading on a number of AI mandates for clients undergoing AI-powered transformations, advising specifically on data privacy considerations, commercial and contractual issues relating to the use of third party AI models, and implications of emerging law and guidance in this space (including the ICO’s AI Guidance and the draft EU AI Act.