Full speed ahead for GDPR
The UK Government has confirmed that it will implement the General Data Protection Regulation 2016/679 (“GDPR”), ending speculation that there may be a light touch approach to data protection law post-Brexit.
In the Queen’s Speech on 21 June 2017, the Government said that it would introduce a “new law to ensure that the United Kingdom retains its world-class regime protecting personal data”.
A new bill will replace the current Data Protection Act 1998 and will implement the GDPR and the Police and Criminal Justice Directive. According to the Government, this will ensure that the UK meets its “...obligations while we remain a EU member state and helping to put the UK in the best position to maintain our ability to share data with other EU member states and internationally after we leave the EU”.
The Queen’s Speech also expressly states that the Government is committed to updating the powers and sanctions available to the Information Commissioner’s Office (“ICO”), a nod to the increased fines available to the ICO under the GDPR which are capped at €20m or 4% of worldwide turnover, whichever is the higher.
The Government’s confirmation that it will adopt the GDPR in full confirms what many leading specialists have been saying since the referendum vote 12 months ago. It also affirms the preferred view of the ICO, which is that the UK should adopt the GDPR in full.
EMW’s data protection team has been advising many businesses on the implementation of this new data protection law. It will affect all businesses, regardless of size, sector or turnover. If you would like to find out more about the GDPR, please contact Matthew Holman.
We run a series of seminars on data protection. If you're interested in attending, please drop us an email.