All EU member states agreed to my adequacy decision. Companies operating in Europe are allowed to transfer personal and other data of European citizens to the United Kingdom. This means that member states are satisfied that the British have put in place adequate safeguards to protect the personal data and privacy of Europeans. Opponents think otherwise.
to write network policy, a site that reports on issues related to digital freedoms and openness. .
Brexit makes sharing data with the UK more difficult تبادل
As of December 31, 2020, the UK is no longer officially part of the European Union. Since then, the British are no longer obligated to comply with European laws and regulations, such as the General Data Protection Regulation (GDPR). However, it is in the UK’s best interest to abide by European privacy rules. If they didn’t, it would be virtually impossible for British companies to do business with mainland Europe.
To prevent this, the UK copied several privacy laws in April, the General Data Protection Regulation (GDPR) and police and justice directives. At the same time, the European Commission has drawn up two decisions that suffice to allow the exchange of personal data from Europe to the United Kingdom. A adequacy decision is a decision in which the Executive Council of the European Union decides that a country has an adequate level of protection for personal data. This means that there are no objections to companies operating in EU member states to the transfer of personal data to the UK.
Member states give the green light to share data
Suitability decisions have yet to be approved by EU member states. This topic has already been discussed. Netzpolitik wrote that member states unanimously agreed to the decisions. This removes all barriers to data exchange with the UK.
Since the separation between the United Kingdom and the European Union, the exchange of personal and other data has become a legally complex story. It was agreed in the Brexit deal that nothing would be changed in this area after the agreements entered into force. This transition period could be extended to six months, but both the EU and the UK had to agree.
In order to regulate the exchange of data after July 1, the European Commission had to make an adequacy decision by the end of June. If the day-to-day administration of the European Union had not done so, the UK would have been considered a non-EU country since that date. In this case, data should only be exchanged if the UK has an adequate level of protection. Now that EU member states have agreed to adequacy decisions, this is no longer a problem.
Opponents fear mass surveillance by the British
Privacy activists and members of the European Parliament have expressed concerns about the decision to allow data sharing with the UK. In the context of national security and immigration control, the British government gives significant leeway to the GCHQ and MI6 intelligence and security services to provide access to privacy sensitive data. There are also not enough independent courts to monitor the way the services operate.
So opponents fear that enforcement and intelligence agencies have unfettered access to classified data. The European Data Protection Board (EDPB) faced similar criticism when the European Commission submitted draft proposals for adequacy decisions. The European Court of Justice and the European Court of Human Rights also recently ruled against surveillance practices by GCHQ and MI6. The courts have ruled that the intelligence practices of British services are a human rights violation.
Finally, privacy activists see parallels with Privacy Shield. In this agreement, agreements are concluded on the exchange and storage of privacy sensitive data of citizens of the European Union and non-EU member states. In July 2020, the European Court of Justice annulled this treaty. The judge found that Americans do not offer the same level of protection that we do here in Europe. The General Data Protection Regulation (GDPR) requires companies on the other side of the ocean to take equivalent storage and security measures as in the European Union. This is also known as the principle of proportionality. The Court held that Privacy Shield does not guarantee this, and therefore was declared void with immediate effect. Opponents believe this is also the case with suitability decisions made by member states.
