Three months on from the landmark Brexit vote 23 June, the
Information Commissioner's Office is setting out its position
regarding data protection laws in a post-Brexit UK. Elizabeth
Denham, the new Information Commissioner, told the BBC that she
believed the UK should adopt the General Data Protection Regulation
(GDPR) regardless of Brexit.
Denham stressed that the UK will want to continue to do business
with Europe, and to do so it will need to comply with EU data
protection laws as, "In order for British businesses to share
information and provide services for EU consumers, the law has to
Not afraid to tread the somewhat charged political ground,
Denham made her views clear that leaving the EU did not mean
leaving behind European regulations where they concern data
protection. In an unmistakeable reference to Prime Minister Theresa
May's catchphrase "Brexit means Brexit," Denham has
pointedly stated, "I don't think that Brexit should mean
Brexit when it comes to standards of data protection."
With May recently revealing her plan to trigger Article 50 by
March 2017, and the GDPR scheduled to come into effect in May 2018,
the UK will have to abide by the GDPR from at least May 2018 until
its EU exit. In that regard, the commissioner raised concerns about
a start-and-stop regulatory environment before emphasising the
integral role that the UK played in the formation of the GDPR.
Additionally, Denham confirmed that an investigation had been
launched into the controversial plans announced by WhatsApp to
share its users' data with its parent company Facebook, given
that in 2014 when Facebook bought WhatsApp, there had been a
commitment between the two that they would not share
While the new commissioner appears to be in tune with the
public's anger on these issues, it remains to be seen what
actions, if any, will be taken.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
The fourth and final part of our mini-series on the draft ICO guidance on Consent, published on 2 March 2017, focuses on the practical impact the GDPR (General Data Protection Regulation) will have on how your organisation records and manages consent.
In light of the much anticipated ICO draft GDPR (the General Data Protection Regulation) Consent Guidance being published yesterday, 2 March 2017, we will be running a mini-series on the guidelines under consultation and the impact the GDPR will have on the much vexed position of consent and the impact on your business.
The first of our four discussions on the ICO guidelines for Consent will focus on the meaning of consent under the GDPR (General Data Protection Regulation) and how this change enhances the previous law on consent to data processing.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).