5 pillars of drop shipping contracts: Creating security in a fast-growth model
Drop shipping is growing fast. Find out how the right contracts can protect your margins, brand and legal position.
Read More
On 07 October 2022, the UK’s Secretary of State for Digital, Culture, Media and Sport issued a statement highlighting the progress made between reaching a UK adequacy assessment for the US, which will enable personal data to freely flow between the two countries.
7 November 2022
Insight
Data protection laws in the UK require that transfers of personal data to overseas territories be subjected to additional legal processes in territories that do not meet the UK’s adequacy standards.
A data adequacy decision confirms that a country’s level of personal data protection is comparable to that of the UK’s. The decision is taken by the Secretary of State, who must be satisfied that the standards afforded by the UK data protection regime are not undermined when data is transferred to another country.
More details on the laws of international data transfers can be found in our previous article: What you need to know about the new international data transfer laws.
Prior to the introduction of the Addendum to the EU Standard Contractual Clauses (the ‘Addendum’), data transfers to the US were protected by the Privacy Shield, an arrangement under which data could be transferred between the US and the EU and UK. However, following the decision in Schrems II (more detail on Schrems II can be found HERE), it was deemed that the Privacy Shield did not afford sufficient rights to data subjects and that data controllers did not have stringent enough obligations around the safety and security of personal data.
In 2020, 85% of UK service exports to the US were data-enabled, accounting for £69.3b of revenues and making up 30% of all UK data-enabled exports.
Therefore, the significant volume of data exported to the US prior to the decision of Schrems II, and the benefits that this has on the UK economy, necessitates a regime which allows for data transferred freely between the two countries.
In recognition of the barriers that the Schrems II decision placed on data transfers between the UK and the US, the two countries have since been in dialogue as to how to overcome the challenge.
In 2021, the then-Secretary of State for Digital, Culture, Media and Sport (‘DCMS’) Nadine Dorris and the United States Commerce Secretary Gina M. Raimondo, issued a joint statement signifying the shared commitment of the two countries to deepen the UK-US data partnership and to promote the exchange of data across borders.
On 07 October 2022, the Secretary of State for DCMC and Gina M. Raimondo confirmed the number of steps that have been taken towards a new data adequacy agreement, allowing for the easing of barriers on data transfers between the UK and the US. This statement came on the same day as President Biden signed an Executive Order setting out the steps the US will take to implement its commitments under a new EU-US data privacy framework.
Should the UK meet the qualification conditions set out by the Executive Order, the safeguards it will provide will likely contribute significantly towards the UK’s adequacy assessment of the US data privacy regime.
Effects of the UK-US data agreement
An adequacy decision for the US could see significant positive economic impacts for both countries, as it would reduce costs and increase efficiency in data transfers between the two countries, as well as reassuring UK citizens that their data is being transferred and stored safely and securely.
Contact Us
If you are wanting to transfer data internationally, we strongly recommend you seek legal advice to ensure the correct instruments are being used to facilitate the transfer. For support and advice on all data protection concerns, please contact Haroon Younis, Partner and Head of Commercial, on 01332 226 466 or fill in the form below.
Related Services
Knowledge
Drop shipping is growing fast. Find out how the right contracts can protect your margins, brand and legal position.
Read MoreLearn about fiduciary duties, commission disclosure, and legal compliance after the Expert Tooling v Engie ruling.
Read MoreLearn how Rukhadze v Recovery Partners reinforces strict fiduciary duties and what it means for your business and governance.
Read MoreThe ICO and CMA's joint statement outlines new AI in finance regulations, focusing on data protection, competition, and consumer safeguards.
Read MoreA decade of progress – but the fight against modern slavery isn’t over, we highlight how businesses can meet stricter transparency rules.
Read MoreNavigate AI regulations in financial services. Key insights from the FCA & ICO on compliance, data protection, and innovation.
Read MoreExplore how to create an AI usage policy that mitigates risks and ensures responsible adoption for your business.
Read MoreEffective data safety and optimisation are key to business success, reducing risks and improving efficiency in a digital world.
Read MoreLandmark EU court ruling awards damages for unlawful data transfer. Learn what this means for GDPR compliance and safeguarding your business.
Read MoreProtect your SME from data breaches. Discover key tips for GDPR compliance and data security during Data Protection Week.
Read MoreBoost profitability with well-negotiated commercial contracts—learn essential terms to protect and grow your business.
Read MoreDiscover the key changes introduced by the Data (Use and Access) Bill and how organisations must adapt to meet compliance requirements.
Read MoreScroll to next section
Scroll back to the top
On Monday 29 September, Flint Bishop successfully completed the acquisition of the entire business of Lupton Fawcett LLP. You have been forwarded to the page most relevant to your visit.
Please feel free to explore our website and learn more about our legal services and professionals, including those who have recently joined us from Lupton Fawcett.