Beyond Reasonable Doubt
Data Protection and Brexit
The GDPR is an EU regulation. This means it became law in all member states of the EU (including the UK), without the need for a UK Act of Parliament. It also applies to the EEA states. When the UK exits the EU, the EU GDPR will no longer be law in the UK. The UK government intends to write the GDPR into UK law, with the necessary changes to tailor its provisions for the UK (the “UK GDPR”).
The UK government intends that the UK GDPR will also apply to controllers and processors based outside the UK, where their processing activities relate to:
The UK Data Protection Act 2018
The UK Data Protection Act 2018 came into force in the UK at the same time as the GDPR took effect. It covers four data protection regimes:
The UK Data Protection Act 2018 is particularly relevant to UK businesses and organisations which:
In short, we can consider the EU GDPR and the UK DPA 2018 as “equivalent” when it comes to processing personal data and there is a wealth of guidance available from the UK ICO.
©1998 – “forever” Objectsoft Limited. All Rights Reserved.