Now that the United Kingdom has officially withdrawn from the European Union as of January 31, you should look at your transfers of personal data in light of Brexit. Under the Withdrawal Agreement between the UK and the EU, EU law (including GDPR) will continue to apply to and in the UK during the transition period from January 31, 2020 to December 21, 2020. During the transition period, the European Commission’s adequacy decision of the protection provided by the EU-U.S. Privacy Shield Framework will continue to apply to transfers of personal data from the UK to those certified to the Privacy Shield Framework. According to the International Trade Administration, the U.S. will consider a Privacy Shield participant’s commitments to comply with the Framework to include personal data received from the UK in reliance on Privacy Shield with no further action required.
Contact any member of the Mintz Privacy Team if you have questions relating to cross-border transfers of personal data in light of Brexit.