Dáil Éireann Debate, Tuesday - 30 January 2018
268. Deputy Stephen S. Donnelly asked the Minister for Justice and Equality his plans to provide information to businesses regarding data protection and the implications for data held by companies operating between Ireland and the United Kingdom in the event that the UK leaves the safe harbour framework in the context of Brexit; and if he will make a statement on the matter. [4445/18]
View answerUnder the EU's data protection framework, any country other than the EU and EEA Member States is deemed to be a "third country." Personal data can only be transferred to a third country when an adequate level of protection is guaranteed. The "safe harbour" framework referred to was an agreement between the EU and USA which has been subsequently replaced by the Privacy Shield.
The question of data protection is one of a number of cross cutting issues which are the subject of negotiations between the European Union and the UK in the context of the Brexit negotiations. The proposal for transitional arrangements to be part of the Withdrawal Agreement envisages that the status quo on Data Protection would be maintained for the period of transitional arrangements.
At this point it is not known what data protection arrangements will apply post the transitional arrangements. My Department is actively participating in cross Government preparations and stakeholder engagement in relation to UK exit, including the ongoing development of contingency planning.
The issue of data protection will continue to be an important cross-cutting issue in the EU's future relationship with the UK. In this context it is also relevant that the EU General Data Protection Regulation (GDPR) which will take effect from 25 May 2018, will transform data protection regulation in the EU, strengthening the data privacy rights of individuals and placing increased compliance and accountability on organisations. The UK have indicated that they will implement the GDPR and will be compliant with EU Data Protection requirements.
As the position with respect to data protection develops in the course of negotiations, more information will be available for businesses and others in this regard. To date, preparatory work undertaken by the Data Protection Commissioner has ensured that there is awareness of the GDPR through the publication of guidance materials, online media campaigns and proactive engagement with private and public sector organisations.
