Brexit, Data Protection, Data transfers, GDPR

The Schrems II decision and Brexit

 

CJEU 2

The Schrems II judgement of the Court of Justice of the European Union (CJEU) makes the transfer of personal data to the US from the EU close to legally impossible. The Court has struck down Privacy Shield as incapable of providing sufficient protection for the personal data of EU citizens transferred to the US and has severely constrained the use of Standard Contractual Clauses (SCCs) as an alternative way of doing so.

The Court’s judgement is rooted in the belief that there is a significant disconnect between the EU’s emphasis on data privacy as a fundamental right, and the US’s stress on the national security imperative for its intelligence agencies to be able to access data transferred to the US. (See here for a useful summary of the background to the case).

The bottom line takeaway from the CJEU’s decision is that, no matter what procedure is used, it is illegal to transfer the personal data of EU citizens to third countries if that data cannot be protected to the standards that the EU demands when it arrives in that country.

The CJEU, in line with the Charter of Fundamental Rights and the wording of the GDPR, has prioritised data privacy over economic considerations. Whether an appropriate balance has been struck is for European politicians to decide.

Continue reading

Boris Johnson, Brexit, Data transfers, Michel Barnier, Negotiating, Trade Deals

Brexifornia: Checking out but never leaving

express

Brexit will never be over.

Brexit may be “done”, but there is no end state, no finish line, just a never-ending, groundhog day marathon. This even appears to be the case with (what we thought was) the signed and sealed Withdrawal Agreement (WA), the one Boris Johnson negotiated with the EU late in 2019.

One headline in the British press on Sunday read:

“Boris wants to fix unfair Brexit deal.”

But was not this the “oven ready” deal that Johnson told the UK electorate just needed to be “popped into the microwave”?

One government source told journalists: “Unfortunately we couldn’t fix every defect with the Withdrawal Agreement last autumn … we’ll now have to do our best to fix it but we’re starting with a clear disadvantage.”

Continue reading

Brexit, Data transfers, Single Market

First Rule of #Brexit: If it can go wrong it probably will

This blog was written early on Sat August 31st 2019

sbarclay.jpg

Sometimes, all you can do is to shake your head in disbelief. I’m not talking about Boris Johnson’s decision to suspend parliament for five weeks to push through a no-deal Brexit to guarantee the future sovereignty of parliament. After all, was not returning sovereignty to parliament from the clutches of Brussels what the slogan “take back control” was all about? What better way of returning sovereignty to parliament than suspending parliament. See this By Chris Grey on what all this means.

No, I’m talking about the fact that every day it becomes clearer that those who have campaigned longest and hardest for the UK to leave the EU have no real idea what this will actually mean in practice. The day-to-day consequences of the UK putting new barriers between itself and the largest, single market in the world have never been thought out.

Continue reading

Article 50, Backstop, Boris Johnson, Brexit, Data transfers

Brexit: To Go On Forever?

This blogpost was written late on August 17th 2019
truck queues
Queues of lorries near the Port of Dover via the BBC website

During the past week, while the political manoeuvring to block a no-deal Brexit grabbed all the headlines, probably the most significant development was one that would have fallen below most people’s radar, politicians included.

It was this Tweet from the French Embassy setting out the sanitary and phytosanitary controls that plant and animal product exporters from the UK could expect at French borders when the UK becomes a “third country”, out of the EU. Words to set the heart racing: “sanitary and phytosanitary controls”, are defined by the EU as “measures to protect humans, animals, and plants from diseases, pests, or contaminants.”

Such controls mean the end to “frictionless” trade and will lead to delays at borders. How extensive will the delays be? Who can say? All it takes to start a queue is one or two overly eager customs officers determined to make sure a trucker’s paperwork is in order. A very long queue.

Remember the chaos some months ago when French customs went on a “Brexit warning” strike? Chaos back up to the Belgian border, some 50K from Calais.

Continue reading

Brexit, British Government, Brussels, GDPR, Labour Law, Michel Barnier, Theresa May

The @GovUk #Brexit White Paper: More Questions than Answers

This blogpost was written on Friday, July 13th, 2018 

WHIf it worked once it will work again. That seems to be Theresa May’s approach to the Brexit negotiations, judging by the White Paper The Future Relationship Between The UK And The EU, published on Thursday. Back in 2012 when she was Home Secretary, using protocol 36 of the Lisbon Treaty, May opted-out en bloc from all the police and criminal justice measures adopted under the Maastricht Treaty before the EU court of justice in Luxembourg took over jurisdiction of them under Lisbon.

She then proceeded to opt back in to all of the measures she liked but was able to claim, to assuage die-hard anti-European Court Tory backbenchers, that she had opted-out.

Continue reading

Brexit, Data Protection, Data transfers, GDPR, Michel Barnier

BEERG #Brexit Blog: A Data Special:- @MichelBarnier highlights #data as a critical issue

This BEERG Brexit Blog is a special issue looking at critical data issues that have been recently highlighted, but which were also forecast here many months ago:

BarnierSpeaking at the 28th Congress of the International Federation for European Law (FIDE) in Lisbon last weekend, the EU’s chief negotiator Michel Barnier devoted a considerable section of his Lisbon speech to the impact of Brexit on data transfers between the EU and UK post Brexit, saying: “the UK must understand that the only possibility for the EU to protect personal data is through an adequacy decision”.

Here is that portion of M. Barnier’s speech – the BEERG analysis appears after it.

“The United Kingdom wants to leave. That is its decision. Not ours. And that has consequences. Allow me to give an example. The General Data Protection Regulation – GDPR – came into force yesterday. According to the United Kingdom’s position first presented – and published – this week on data protection:

The United Kingdom would like its supervisor to remain on the European Data Protection Board, created by the GDPR.

It wants to remain in the one-stop-shop.

It believes that this is in the interest of EU businesses.

But let’s be clear: Brexit is not, and never will be, in the interest of EU businesses. And it will especially run counter to the interests of our businesses if we abandon our decision-making autonomy. This autonomy allows us to set standards for the whole of the EU, but also to see these standards being replicated around the world. Continue reading