30th Sep // 2016
There was a clear message from the new Information Commissioner, Elizabeth Denham, that companies should continue to prepare for the General Data Protection Regulation (GDPR) to come into force in the UK, despite Brexit.
In her first speech since taking office in July, she told a digital economy event in London that it was “extremely likely” that the GDPR would become live in the UK. She explained that it is actually in force now but Member States are not obliged to adopt it until 25th May 2018. As Brexit is unlikely to happen until 2019 or later she said that firms should continue to get ready for the new legislation.
Ms Denham said that the future of Data Protection in the UK post Brexit would depend on a new law that would be decided by the UK Government. But she said that the ICO would lobby to ensure that it would be consistent with GDPR and not a softer alternative. “The aim here is not a data protection regime that appeals because it is overly lax or ‘flexible’,” she said. “The aim is a progressive regulatory regime that stand up to scrutiny, that does not leave the UK open to having rocks thrown at it by other regimes.” As a regulator, Ms Denham said that the ICO would normally simply enforce the law that was provided to it, but in this case the Commission is determined to be part of the conversation that will define the future of privacy in the UK.
The new Commissioner was speaking at an event which was promoting growth through trust and she said that rather than innovation being held back by data protection laws, it should work with them, “it’s not privacy or innovation – it’s privacy and innovation”, she reminded her audience. She said that if business had the trust of its customers, it could actually achieve better growth, “you need to make sure that whatever direction you’re taking with people’s information; you’re taking those people with you.” Getting it right was a win win situation with consumers and business both benefiting. She wanted companies to ensure they followed the law as it stands but also future proof what they are building to withstand the law of tomorrow.
If you want to know more about GDPR, we have a platform that can help with compliance.