It has been a momentous week for UK politics. With Parliament back from the summer recess MPs moved to seize the Order Paper from Government. There then followed an audacious move to legislate against a “No Deal” Brexit, a move which would hamstring the Government’s Brexit negotiation strategy. The Government’s strenuous attempts to prevent the passage of legislation to take the “No Deal” option out of the equation led to the withdrawal of the whip (in effect the suspension) of 21 Conservative MPs. The legislation that would prevent a No Deal outcome will return to Parliament early next week. It remains to be seen whether the legislation achieves Royal Assent and is written into law.
In the meantime, the plan to prorogue Parliament for five weeks ahead of the Brexit deadline moved on apace despite a number of legal challenges.
Elsewhere
This week also saw the Prime Minister’s own brother, Jo Johnson, resign as Universities Minister registering his objection to the direction of the Brexit negotiations which he viewed as no longer in the national interest.
On a happier note Downing Street announced the arrival of a new resident as the Prime Minister and his partner unveiled Dilyn their new puppy.
The Prime Minister is keen to reinforce his Government’s resolve to achieve Brexit, with or without a deal by the 31st October deadline. But despite his vigorous defence of this policy it remains unclear whether this will be achieved.
Implications for businesses
Amongst all this political turmoil it is difficult for businesses to plan ahead especially if the business model includes data transfers to or from EEA companies.
In the case of a No Deal Brexit on the date of departure the UK becomes a ‘Third Country’ in terms of EU data transference rules. This means companies that the UK will not have adequacy status, so needs to take particular steps when processing EEA* data, for example, the data of your customers or prospects or clients.
What you need to do
The UK will recognise all EEA countries as adequate under UK law. So there are no issues with you continuing to send personal data to the EEA.
The reverse, however, is not the case so there will be major changes when transferring personal data from the EEA to the UK. You need to prepare:
- “Know your data” specifically that data you process about EU individuals. Make sure your data mapping is up to date and identifies those individuals outside the UK, but within the EEA.
- Take appropriate GDPR safeguards for processing and transfers of EEA data, and update your privacy policy accordingly
- Use Standard Contractual Clauses to enable transfers of personal data from the EEA to the UK and vice versa.
- If you are using Binding Corporate Rules, these will need to be adjusted slightly post-Brexit.
*EEA = The 27 European Member States, plus Iceland, Liechtenstein and Norway.
Please feel free to contact us if you have any queries or concerns about how Brexit will affect your business, by calling 01787 277742 or email teambrexit@datacompliant.co.uk