On December 24, 2020, the European Commission (EC) and UK government announced the long-awaited EU-UK Trade and Cooperation Agreement (the Brexit Agreement), which sets out the future relations between the EU and the UK. If approved, the Brexit Agreement will become effective on January 1, 2021, and will have the following repercussions:
What Happens Next?
The Brexit Agreement is scheduled to be approved by the EU Council on December 31, 2020, and by the European Parliament in early 2021. The UK Parliament will convene today, December 30, to vote on the Brexit Agreement, and is expected to approve the Brexit Agreement by the end of the day.
Companies that regularly transfer data between the EU and the UK will no doubt be relieved that the Brexit Agreement will allow for the continued free flow and storage of personal data. Part of this measure, however, is temporary and it remains to be seen if an adequacy decision will be reached in time before the expiry of the interim period. In the meantime, organizations should review whether their lead authority assessment, any ongoing investigations, or BCRs will be impacted by Brexit, or whether they need to appoint a legal representative in the EU and/or the UK.
Our EU and UK privacy and cybersecurity team is closely monitoring this topic and will provide updates when they are released.
Wilson Sonsini Goodrich & Rosati routinely advises clients on GDPR compliance issues, and helps clients manage risks related to the enforcement of global and European data protection laws. For more information, please contact Cédric Burton, Jan Dhont, Lydia Parnes, Christopher Olsen, or another member of the firm's privacy and cybersecurity practice.