How Does Brexit Impact Data Protection in the UK?

Posted by Dennis Dayman on

Britain’s unprecedented decision to exit the European Union—“Brexit”—is raising a myriad of questions around the world.

A big question I and my colleagues in the security industry have is: What does this do for data protection standards and rules? The answer depends on when the UK government officially leaves the EU. For now, the vote will have little immediate effect on its data protection rules.

Britain will have two years to negotiate their exit from the European Union. This time will be spent settling outstanding bills with the EU, crafting new trade deals, and sifting through thousands of EU regulations, including those that protect data privacy. For now, the UK remains a member of the European Union, with all the rights and obligations that derive from it.

The UK regulator, the Information Commissioner’s Office (ICO), hasn’t given us concrete guidelines on what we all need to do when it comes to data protection, but they did release this statement after the Brexit vote saying, “If the UK wants to trade with the Single Market on equal terms we would have to prove ‘adequacy’—in other words UK data protection standards would have to be equivalent to the EU’s General Data Protection Regulation framework starting in 2018.”

The ICO also stated that while data protection laws in Britain will not change right away, any new laws introduced by the EU would not apply to England, Scotland, Northern Ireland, and Wales if the UK leaves before they come into effect.

Once the UK is officially no longer a member of the EU, the UK Data Privacy Act of 1998 will likely govern data protection. But many people are speculating that the law will be updated to reflect the GDPR and be “adequate ” under it.

So what’s the best thing for security professionals around the globe to do? For now, you can Keep Calm and Carry On by ensuring that:

  • Your organization has a data protection framework in place.
  • The framework meets, or is aiming to meet, the standards set out in the GDPR.

By doing this, your company will be in a position to move data more freely within the UK and EU member states if the UK decides to update their own regulations to meet the GDPR.

Want more data privacy news? Subscribe to our blog to stay up to date.


Popular this Month

 The Intelligent Email Gathering

The Intelligent Email Gathering

The best day in email in 2017 is coming up this month. You don’t want to...

Read More

 The Impact of Gmail Tabs, Four Years Later

The Impact of Gmail Tabs, Four Years Later

In 2013, the introduction of Gmail’s tabs seemed to be a cry of war to...

Read More

 Getting Through to AOL Just Got Easier

Getting Through to AOL Just Got Easier

That title was probably a bit click-bait-ey because AOL has always had a...

Read More

Author Image

About Dennis Dayman

Dennis Dayman has more than 20 years of experience combating spam, security/privacy issues, data governance issues, and improving email delivery through industry policy, ISP relations and technical solutions. As Return Path’s chief privacy and security officer, Dayman leverages his experience and key relationships to provide best practices to Return Path, its customers, and ensures the compliance of their communications data flows. He is also responsible for coordinating and managing Return Path’s international electronic commerce, privacy and Internet related policy issues.

Author Archive

Stay up to date

Enter your name and email address below to subscribe to our mailing list.

Your browser is out of date.
For a better Return Path experience, click a link below to get the latest version.