Credit: Geert Vanden Wijngaert/AP/Press Association Images

The government has legislated for “transitional” measures to ensure that – following the end of the Brexit transition period on 31 December – data can continue to be legally transferred between the UK and the rest of Europe.

With less than three months until the conclusion of the transition period, the EU has yet to grant the UK the “data adequacy” status that would allow information to continue flow freely between this country and the remaining 27 member states. 

There is no clarity on when such a decision might be made, nor if the UK will, ultimately, be granted adequacy status.

The government has faced an increasing volume of questions as to what is being done to ensure that, for both businesses and public authorities, data can continue to be transferred across borders.

Related content

• Policy on public sector use of US cloud under review as uncertainty grows over post-Brexit data transfers
• UK-US data transfers will remain protected by Privacy Shield after Brexit, minister claims
• EU data watchdog calls for ‘significant improvements’ to Privacy Shield

Minister for media and data John Whittingdale said that the government is “seeking adequacy decisions from the EU, under both the General Data Protection Regulation and the Law Enforcement Directive, before the end of the transition period”.

“This process is moving forward and talks between the UK and EU have been underway since 11 March,” he added. “The EU’s adequacy assessment is separate from other UK-EU negotiations.”

Regardless of the outcome of this process, Whittingdale claimed that the government has put legislative measures in place to make sure that – in the near-term – information can continue to be transferred by both businesses and law-enforcement authorities.

“To continue the free flow of data from the UK to the EU, we have legislated so that personal data for general processing can continue to flow freely, on a transitional basis, from the UK to the 30 EEA (European Economic Area) states and the EU Institutions after the end of the transition period,” the minister said. “We have also ensured that personal data for law enforcement purposes can flow freely, on a transitional basis, to the 27 EU member states to support cross-border cooperation in preventing crime.”

He added: “We will keep these arrangements under review and will, in any event, conduct adequacy reviews within four years of them coming into effect – i.e. by 1 January 2025 – as required by our law.”

Whittingdale was answering a written parliamentary question from Sarah Olney, Liberal Democrat MP for Richmond Park.