Data and securityCyber SecurityICO responds to Referendum result

ICO responds to Referendum result

The Information Commissioner’s Office says future data protection regulations will have to be as strong as the EU's if the UK wants to continue trading with the bloc

The Information Commissioner’s Office (ICO) says future data protection regulations will have to be as strong as the EU’s if the UK wants to continue trading with the bloc once it leaves.

Responding to last week’s EU Referendum result, the ICO issued a statement saying: “The Data Protection Act remains the law of the land irrespective of the referendum result.

“If the UK is not part of the EU, then upcoming EU reforms to data protection law would not directly apply to the UK. But if the UK wants to trade with the Single Market on equal terms we would have to prove ‘adequacy’ – in other words UK data protection standards would have to be equivalent to the EU’s General Data Protection Regulation framework starting in 2018.

“With so many businesses and services operating across borders, international consistency around data protection laws and rights is crucial both to businesses and organisations and to consumers and citizens. The ICO’s role has always involved working closely with regulators in other countries, and that would continue to be the case.

“Having clear laws with safeguards in place is more important than ever given the growing digital economy, and we will be speaking to government to present our view that reform of the UK law remains necessary.”

GDPR
The ICO’s statement reveals that the UK will have to have a similar law in place if it is to match the GDPR in 2018. That law replaces the Data Protection Directive that was introduced in 1995, and it takes into account the arrival of the Internet, smartphones, and social networking.

The GDPR includes powers to issue hefty financial penalties. Companies that do not comply with its strict new requirements could face fines of up to 4% of their global revenue for the previous year, or 20m euros (£15.8m) depending on which is greater.

In the UK for example, the maximum current penalty (under the UK Data Protection Act) stands at just £500,000.

Related Articles

Government and tech industry hold roundtable on IoT security

Cyber Security Government and tech industry hold roundtable on IoT security

6m Jay Ashar
New Army cyber operations centres for MOD

Cyber Security New Army cyber operations centres for MOD

6m Jay Ashar
Competing priorities biggest roadblock to cybersecurity

Cyber Security Competing priorities biggest roadblock to cybersecurity

6m Jay Ashar
Cybersecurity is a market for lemons

Cyber Security Cybersecurity is a market for lemons

6m Bernard Parsons
Compulsory cyber awareness training for Cardiff council staff

Cyber Security Compulsory cyber awareness training for Cardiff council staff

6m Jay Ashar
UK government to assess the cyber security capability landscape

Cyber Security UK government to assess the cyber security capability landscape

6m Jay Ashar
New capability to help organisations fight cyber threats

Cyber Security New capability to help organisations fight cyber threats

6m Jay Ashar
Room for more cybersecurity over and above GDPR

Cyber Security Room for more cybersecurity over and above GDPR

7m Jay Ashar