Data and securityCyber SecurityBritain will adopt GDPR, says ICO chief

Britain will adopt GDPR, says ICO chief

GDPR is an opportunity for government says Elizabeth Denham

Elizabeth Denham, the new UK Information Commissioner, has said that it’s “extremely likely” General Data Protection Regulation (GDPR) will come into effect before Britain leaves the European Union.

In her first speech since taking on the role, Denham said: “It is extremely likely that GDPR will be live before the UK leaves the European Union. Remember that it is actually already in force, it is just that Member States are not obligated to apply it until 25 May 2018.”

Denham did however say that Brexit had complicated the mater and the way the UK carries out data protection legislation.

“The Referendum result has thrown our data protection plans into a state of flux,” she said. “What hasn’t changed are the strong data protection rules the UK already has. We need those rules to ensure cross-border commerce, not to mention the privacy protections citizens and consumers expect,” Denham added.

Organisations and public bodies that do business with EU organisations are likely to have to comply to GDPR regulations.

“The fact is, no matter what the future legal relationship between the UK and Europe, personal information will need to flow. It is fundamental to the digital economy. In a global economy we need consistency of law and standards – the GDPR is a strong law, and once we are out of Europe, we will still need to be deemed adequate or essentially equivalent,” she explained.

“For those of you who are not lawyers out there, this means there would be a legal basis for data to flow between Europe and the UK.”

 

Opportunity for government

“The future of the law is an opportunity for government too,” continued Denham. “Being ‘open for business’ means more than just saying you are. It means having a digital economy, being digitally enabled. And data protection is central to that. This is nothing the government doesn’t already know.

“When the UK leaves the EU (based on what we know today – 2019 or later) a new data protection law will need to be in force.

“I’m having active discussions with Ministers and senior officials in government, and have transmitted our view on the future of data protection law. We believe that future data protection legislation, post Brexit, should be developed on an evolutionary basis, to provide a degree of stability and clear regulatory messages for data controllers and the public.

“The aim here is not a data protection regime that appeals because it is overly lax or “flexible”. The aim is a progressive regulatory regime that stands up to scrutiny, that doesn’t leave the UK open to having rocks thrown at it by other regimes. And that has consistency and adequacy with the Europe.

“Regulators generally don’t lobby, and ultimately we work with the law government give us. But when the conversation is about the future of data protection in the UK, the ICO is determined to be part of that conversation. We have thirty years’ experience as a regulator in a changing environment. We don’t want to talk legislative minutiae, but to look at the key principles that should underpin the future of privacy law in the UK.”

Related Articles

Is automation essential in the cyber security battle?

Cyber Security Is automation essential in the cyber security battle?

1w Austin Clark
Please mind the security gap between the premises and the cloud

Cloud Computing Please mind the security gap between the premises and the cloud

2w Guest Writer
NHS trusts not discouraging WhatsApp, Facebook Messenger and other consumer apps

Cyber Security NHS trusts not discouraging WhatsApp, Facebook Messenger and other consumer apps

3w Austin Clark
Best form of defence: Is the Government's cyber strategy on the right track?

Cyber Security Best form of defence: Is the Government's cyber strategy on the right track?

4w Guest Writer
Making the cloud a safe space

Cloud Computing Making the cloud a safe space

1m Guest Writer
Leading cyberlaw academic calls for review of CCTV and AFR implementation

Cyber Security Leading cyberlaw academic calls for review of CCTV and AFR implementation

1m Austin Clark
Government security analysts 'at risk of being overwhelmed by attacks'

Cyber Security Government security analysts 'at risk of being overwhelmed by attacks'

2m Austin Clark
DCMS proposes new cyber security council in latest consultation

Cyber Security DCMS proposes new cyber security council in latest consultation

2m Austin Clark