Data Protection: USA

(asked on 16th June 2026) - View Source

Question to the Department for Science, Innovation & Technology:

To ask the Secretary of State for Science, Innovation and Technology, what safeguards are in place to protect UK data held by US cloud providers from access requests made on US national security grounds outside the scope of the UK–US Data Access Agreement.


Answered by
Ian Murray Portrait
Ian Murray
Minister of State (Department for Science, Innovation and Technology)
This question was answered on 24th June 2026

Under UK data protection laws, organisations must ensure personal data is appropriately protected when transferred internationally.

The UK has an adequacy decision for the US, which included an assessment of US national security safeguards. Where adequacy is not relied upon, organisations must rely on alternative safeguards, such as standard contractual clauses.

The UK has been designated a ‘qualifying state’ by the US under Executive Order 14086 allowing individuals whose personal data has been transferred to the US access to redress mechanisms if they believe their personal data has been accessed or handled unlawfully by US authorities for national security purposes.

Reticulating Splines