Despite Brexit: data transmission to the UK remains permissible

Even after Brexit, data transfer to the United Kingdom will be possible without additional measures. You can find out more about this below.

Background of the problem

On January 31, 2020, the United Kingdom will finally leave the European Union. This is also an explosive fact in data protection law. Because personal data may only be transmitted within the European Union and the European Economic Area.

For data transfer to other countries, a person responsible must take further security precautions in accordance with Art. 44 GDPR ff.

Withdrawal Agreement

After several years of tough negotiations, it has now been possible to conclude a withdrawal agreement between the United Kingdom and the European Union. This avoids the risk of a hard, completely unregulated Brexit for the time being.

The Withdrawal Agreement stipulates that the currently applicable European laws, including the GDPR, will remain in effect in the United Kingdom for a transitional period until at least 31 December 2020. As a result, the United Kingdom is not considered a third country for this period and therefore no additional measures need to be taken by a controller.

Another outlook

Even after the end of the transition period, an amicable solution to the problem of data transmission after Brexit seems to be in sight.

The European institutions have expressed their intention to recognize the United Kingdom as a so-called safe third country according to Art. 45 GDPR as soon as possible. This would mean that data can still be transferred to the UK without additional measures.

We will keep you informed about this and other exciting topics in our newsletter!

Any questions? We are happy to help. Contact us.

This post is also available in: German