The UK’s decision to leave the European Union leaves the issue of data protection in some uncertainty given that the General Data Protection Regulation (GDPR) is expected to come into force in May 2018.
In efforts to dispel this uncertainty, it has been clarified that the GDPR will be effective from the 25th May 2018, until the confirmed Brexit date. The GDPR will supersede the current Data Protection Act from 1998 with the aim of providing more contemporary laws for the digital world and improve and strengthen data protection for EU citizens as well as increase business opportunities.
It is also likely that whenever Brexit does occur, laws very similar and stringent to the GDPR will be enforced; to sustain business in the European Economic Area and maintain the growth of the UK’s digital economy, a certain level of suitability is required which is probably comparable to the GDPR. Information Commissioner Denham confirmed that “For British businesses to share information and provide services for EU consumers, the law has to be equivalent.”
The ICO has announced that within the upcoming month it plans to publish a revised timeline which will detail the main areas of guidance that will be prioritised over the next six months. This timeline should therefore prove to be supportive in clarifying some of the ambiguous provisions detailed in the GDPR and how the ICO plans to interpret them.
So, if you have not started preparing it is highly advisable that you:
The above is provided for information purposes only and does not constitute legal advice. Please contact Nath Solicitors for further information.
17.12.16
consequently
as a result