At the beginning of February, the Minister of State responsible
for digital and culture policy, Matt Hancock, reaffirmed the
UK's commitment to implementing legislation mirroring the
General Data Protection Regulation (GDPR), and ensuring the
uninterrupted flow of personal data between the UK and EU post
Reaffirmed Commitment to the GDPR
The UK government has been clear about its intention to
implement the GDPR, which will come into effect in the UK on 25 May
2018. Mr Hancock stated that legislation would be brought forward
in the next parliamentary session to amend the existing Data
Protection Act 1998. The government's recently released White Paper further confirms this, and
emphasises the importance of maintaining the stability of data
transfer between the UK and the EU. Of the United Kingdom's
exit from and new partnership with the European Union, the
"The stability of data transfer is important for many
sectors – from financial services, to tech, to energy
companies. EU rules support data flows amongst Member States. For
example, the EU data protection framework outlines the rights of EU
citizens, as well as the obligations to which companies must adhere
when processing and transferring this data. There is also an
ongoing consultation regarding the free flow of data, including
considering whether legislation is necessary to limit Member
States' requirements for data to be stored
Speaking to the Home Affairs Sub-Committee on 1 February 2017,
Mr Hancock stressed that the GDPR was a "good piece of
legislation in and of itself" and that matching the GDPR was a
means of ensuring the "unhindered flow of data between the UK
and the EU post-Brexit." On data flows between the UK and the
U. S., Mr Hancock stated he was confident that an agreement could
be put in place between the two nations to ensure the unhindered
flow of data.
Honing the UK's International Strategy
In January, the ICO held a conference for international experts
in privacy and data protection regulation. Attendees included many
current and former data protection commissioners from Europe and
Canada. The focus of the conference was the development of the
ICO's emerging international strategy.
The ICO has announced its intention to step up its international
engagement, and to that effect it has formed its new International
Strategy and Intelligence department. The department will be
charged with increasing the organisation's international focus.
In a blog posted on 2 February, incumbent
Information Commissioner Elizabeth Denham stated that the ICO's
information rights strategy should be published before the new
financial year commences, and that this strategy will include a
clear international element. She commented:
"The simple fact is we want to learn. Our international
strategy is fast emerging, but we want to learn how it can be
better. To ask other jurisdictions to critique our plans is, I
think, indicative of the approach we're taking more
Ms Denham further stated that, in terms of privacy and data
protection, it was important that the UK have a clear international
outlook in our increasingly global economy:
"As a regulator and data protection authority, it's
important we have an international outlook. That's long been
the case, given the borderless nature of the digital economy, but
it's especially true today, as the UK reassesses its place in
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
In light of the much anticipated ICO draft GDPR (the General Data Protection Regulation) Consent Guidance being published yesterday, 2 March 2017, we will be running a mini-series on the guidelines under consultation and the impact the GDPR will have on the much vexed position of consent and the impact on your business.
The first of our four discussions on the ICO guidelines for Consent will focus on the meaning of consent under the GDPR (General Data Protection Regulation) and how this change enhances the previous law on consent to data processing.
The fourth and final part of our mini-series on the draft ICO guidance on Consent, published on 2 March 2017, focuses on the practical impact the GDPR (General Data Protection Regulation) will have on how your organisation records and manages consent.
A fundamental aspect of all fair and lawful processing of personal data under the current data protection rules is the requirement for the party who is the data controller to meet one or more conditions ("the conditions for processing").
The second in our mini-series on the ICO guidance on Consent, published on 2 March 2017, focuses on how the changes to be introduced by the GDPR (General Data Protection Regulation) will impact upon your business and what you can do to pre-empt the changes before their introduction in May 2018.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).