Connect with us

Hi, what are you looking for?



Brussels Okays EU-UK Personal Data Flows

The European Commission lifted the threat of crucial data flows between Europe and Britain being blocked in a move that would have crippled business activity as it said Friday that privacy safeguards in the UK met European standards.

The European Commission lifted the threat of crucial data flows between Europe and Britain being blocked in a move that would have crippled business activity as it said Friday that privacy safeguards in the UK met European standards.

In a key post-Brexit decision, the EU executive said that British authorities had sufficient measures in place to protect European users’ personal data, freeing up data transfers for businesses as well as for police.

The adequacy decision, to be formally adopted by the 27 member states, would ensure that data protection will “never be compromised when personal data travel across the Channel,” said EU Justice Commissioner Didier Reynders.

Businesses will breath a sigh of relief at the decision, with more and more companies relying on cross-border cloud computing and other technology to function everyday.

This was made especially clear during the Covid-19 pandemic as companies, schools and governments increasingly went online, counting on big tech’s networks to operate.

A negative decision would have blocked the transfer of data from EU-based companies to the UK, crippling activity.

– Sensitive issue –

Britain is seeking similar adequacy decisions for its financial services, but this is proving far more contentious, with Brussels giving no clear indication of when a decision will be made.

Advertisement. Scroll to continue reading.

The EU currently has data adequacy agreements with 12 countries, including Japan, Switzerland and Canada and negotiations are underway with South Korea.

Once approved, personal data transferring through Britain will be treated as if it was moving within the EU.

Oliver Dowden, Britain’s Secretary of State for Digital, said he welcomed the move “although the EU’s progress in this area has been slower than we would have wished.”   

“I am glad we have now reached this significant milestone following months of constructive talks in which we have set out our robust data protection framework,” he added.

The security of personal data has become a sensitive issue, with the EU’s top court having struck down a similar arrangement between the EU and United States.

The European Court of Justice has decided on several occasions that national security laws in the United States are in violation of European privacy standards making the deal illegal.

For the UK, the commission assessed that country’s Investigatory Powers Act of 2016 which contains extensive powers including the ability to carry out bulk data surveillance. 

The EU, however, found those powers were satisfactorily controlled by UK law and Britain’s adherence to the European Convention of Human Rights.

The Business Software Alliance, a lobby group for big tech companies including Microsoft, Oracle and IBM said it was “delighted” by the decision. 

“This will provide long-term confidence that data will continue to flow between the two partners post-Brexit,” said BSA’s Thomas Boue, policy chief for Europe.

Max Schrems, an Austrian lawyer and activist who led the fight against the EU’s data arrangements with the US, tweeted that there were issues with the UK proposal on security that will require “deep analysis”. 

Written By

AFP 2023

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.


People on the Move

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

Certificate lifecycle management firm Sectigo has hired Jason Scott as its CISO.

The State of Vermont has appointed John Toney as the state’s new CISO.

More People On The Move

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...


Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...


Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...


The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.