The General Data Protection Regulation Post Brexit
The aftereffects of Brexit on the GDPR The UK’s decision to leave the European Union leaves the issue of data protection in some uncertainty given that the General Data Protection Regulation (GDPR) is expected to come into force in May 2018. In efforts to dispel this uncertainty, it has been clarified that the GDPR will be effective from the 25th May 2018, until the confirmed Brexit date. The GDPR will supersede the current Data Protection Act from 1998 with the aim of providing more contemporary laws for the digital world and improve and strengthen data protection for EU citizens as well as increase business opportunities. To recap some key requirements of the GDPR are:
A higher threshold for consent. Consent must now be freely given, specific, informed and unambiguous shown by a statement or a clear affirmative action The mandatory appointment for a Data Protection Officer. This requires the appointment of someone with “expert knowledge” of data protection law to oversee and ensure compliance