The GDPR is the new European Union law which is replacing the EU Directive that underpins the Data Protection Act, with effect from May 2018.
There had previously been uncertainty over the Government's stance in the aftermath of the Brexit vote in June this year, although the smart money was on the UK working to the GDPR and any changes evolving only on an evolutionary basis - particularly after recent comments by the Information Commissioner, Elizabeth Denham, to that effect. Now, Karen Bradley, the Secretary of State for Culture, Media and Sport, has given some certainty.
Ms Bradley said: 'We will be members of the EU in 2018 and therefore it would be expected and quite normal for us to opt into the GDPR and then look later at how best we might be able to help British business with data protection while maintaining high levels of protection for members of the public.'
Ms Denham praised this stance and hailed it as good news, reflecting the UK's push to protect data and give people confidence in that as the digital economy grows.
The GDPR gives greater protection for people's data and gives them greater control over it.
Ms Denham said the Information Commissioner's Office was committed to helping businesses and public bodies prepare to meet the requirements of the GDPR and it will provide further guidance.
I also see this as good news. Organisations need certainty, and as clients who do business in Europe are telling me, it makes sense for the UK's data protection law to be aligned with that in Europe. This is for a whole host of reasons, including to make things simpler and also for the UK to be seen as an acceptable place that offers adequate protection for when European businesses want to have a base in the UK, and also for when UK businesses process data about individuals from the EU.
As the Information Commissioner has said, businesses and organisations need to start preparing for the new data protection law. Please contact us if you want to discuss how this affects you.