Government making ‘technical assessment to ensure high standards of data protection’ in UK-US transfers
Minister says countries are ‘engaging positively’ on planned adequacy arrangement
Credit: Richard Keith Wolff / Demotix/Demotix/Press Association Images
UK officials are already undertaking a “technical assessment” of the implications of a potential data adequacy arrangement with the US, according to a government minister.
The government announced last month that, now the UK has completed its exit from the European Union, it wanted to implement adequacy arrangements with a range of other nations. Such agreements would, effectively, mean that the data-protection regimes of the countries in question had been assessed and certified as offering at least the same standards of protection as the UK. This, in turn, would mean personal data could flow unfettered between organisations in the UK and those in the nations holding adequacy status.
Among the government’s top priorities for arranging an adequacy agreement – alongside Australia, Colombia, the Republic of Korea, Singapore and the Dubai International Finance Centre – was the US.
According to Julia Lopez, recently appointed as a minister of state at the Department for Digital, Culture, Media and Sport, transatlantic discussions are already underway between representatives of the two governments.
“Given our strong security, economic, and trade relationships, the US is one of the UK’s most important partners,” she said. “We are engaging positively with our US counterparts and progressing the technical assessment to ensure that high standards of data protection would be maintained under an adequacy arrangement.”
After the initial tranche of priority countries and territories, the government has already indicated that Brazil, India, Kenya and Indonesia will be next in the queue for adequacy agreements.
“International data transfers are vitally important to global economies, societies, and individuals’ lives,” the minister added, in answer to a written parliamentary question from Scottish National Party MP Owen Thompson. “Securing data adequacy arrangements with our priority partners will be a significant step in the UK’s ongoing plans to unlock the power of data to drive UK growth and innovation.”
The UK – after more than a year of discussions – sealed its own data adequacy agreement with the EU in June, becoming the 13th country or territory whose data-protection regime has been certified as compliant with European law.
While the government does now have the power to make its own data-adequacy decisions, the more that the UK landscape diverges from that of the EU, the greater the risk of jeopardising the adequacy arrangement.
Many of the countries prioritised by the UK government for adequacy agreements do not have any such arrangements with the EU; the US is not deemed by the EU to adequately protect the data of European citizens. Nor, as yet, are Australia, Colombia, Singapore, Dubai, Brazil, Indonesia, India, or Kenya.
Multimillion-pound system is intended to mitigate the loss of access to pan-European SIS security database
Union claims new system threatens 3,000 jobs
Report warns that government is spending hundreds of millions of pounds without knowing the impact
Breach saw publication of home addresses of award-recipients including Elton John and the department's own head John Manzoni