Negotiations on EU-UK future relationship start in Brussels

The first round of the EU-UK future partnership negotiations have started, and will be followed by further negotiation rounds every two to three weeks in Brussels and in London. A high-level meeting is planned for June 2020. For data protection, if negotiations on adequacy for data transfers from the EU to the UK are simply at a technical level, the proposed timescale (end of 2020) could just be workable. However, at a political level, if data protection is used as a bargaining chip in the negotiations, things get much more complicated.

In the meantime, the UK is starting to conduct its own adequacy assessments. It is hoped that the UK adequacy assessments and decisions can be taken more quickly than the EU has done, but this remains to be seen. For now, everything remains business as usual as the GDPR will continue to apply in the UK, and UK and EEA-based controllers will not need to take any immediate action. But as the Prime Minister seems to be more than willing to steer away from the GDPR, we need to monitor developments closely and, no doubt, organisations are paying even more attention to alternative transfer mechanisms.

In this issue we assess developments in biometrics and biometric identification systems, and the emerging Children’s Code which still needs Parliamentary approval but will signify a shift in attitudes and practice. A different kind of dilemma is the interface between anti-money laundering and data protection laws. Can there ever be common ground? Perhaps, suggests our correspondent.

The ICO is considering its role in the data ethics debate with a view to launching a public consultation in the second quarter of 2020. Read my interview with Ellis Parry, who is the ICO’s newly appointed Data Ethics Adviser, Technology and Innovation. The ICO is again expanding its horizons to new areas.

Laura Linkomies
Editor, Privacy Laws & Business

March 2020