UK seeks an independent data protection policy
Full alignment with the GDPR cannot be taken for granted any longer as Boris Johnson, the Prime Minister, steers away from commitments made in the Withdrawal Agreement. By Laura Linkomies.
The UK’s negotiating mandate with the EU on the UK-EU future relationship, published on 27 February, states that the “UK will have an independent policy on data protection at the end of the transition period and will remain committed to high data protection standards”. This strategy is set and the focus is now on making it work.
The UK is seeking two adequacy decisions from the EU (one under the GDPR and one under the Law Enforcement Directive) and both parties hope to reach this by the end of 2020. The government is confident that it will strike a positive relationship on data, arguing that doing so is in the interests of both sides, and that its data protection standards are equivalent to the EU’s. In the Prime Minister’s written statement to the House of Commons on 3 February 2020, he explained that “the UK would see the EU’s assessment processes on financial services equivalence and data adequacy as technical and confirmatory of the reality that the UK will be operating exactly the same regulatory frameworks as the EU at the point of exit. The UK intends to approach its own technical assessment processes in this spirit.” The government declares that any adequacy decision would be separate from the wider future relationship and would not form part of trade agreements.