Brexit and the GDPR – the Government Speaks

Posted on | by Christopher Knight

Anya has already posted about what Brexit means for the future of data protection in the UK and there is a general consensus that anyone thinking they can ignore the GDPR now should think again. But just in case Anya Proops QC wasn’t authoritative enough for you (unlikely, I know), Baroness Neville-Rolfe gave a speech on 4 July which touched on data protection in our brave new world. Baroness Neville-Rolfe is, as any fule noe, the Minister for Data Protection.Not surprisingly, the Minister did not suggest she knew all the answers, correctly pointing out that it was unclear which of many options concerning European engagement might end up being adopted. But just to prove we here at 11KBW know what we are talking about, it is worth quoting some chunks of the Ministerial speech to show how it essentially aligns with the analysis Anya (and others) have already given:

Until recently my main focus in matters digital was on the impact of the EU Data Protection Regulation. As matters stood and perhaps still stand, it was expected to take effect in the UK by 25 May 2018. In line with what I said earlier we – all of us, I mean you here as well as government – need to consider carefully what might be done either to replace it if and when it ceases to have effect or, instead, if in the event it never comes into force.

As I have pointed out the future might take several different forms and we need to identify as quickly as possible how to best to react to whatever path is eventually chosen.

One thing we can say with reasonable confidence is that if any country wishes to share data with EU Member States, or for it to handle EU citizens’ data, they will need to be assessed as providing an adequate level of data protection. This will be a major consideration in the UK’s negotiations going forward….

In the meantime, the Data Protection Act continues to be the UK’s data protection legal framework and it is important that organisations continue to comply with it. We are also ensuring it works better with the Digital Economy Bill…

I should mention the negotiations to agree a renewed ‘Safe Harbor’ agreement by means of the new EU-US Privacy Shield. Again it is not quite clear how this will affect the UK, but we will need a satisfactory understanding with the US of the rules to be applied.

So for those cynical individuals under the impression that a caretaker government was drifting listlessly in the water like an unanchored canoe heading inexorably towards an unmentionable creek, how wrong you are.

All in all, no excuse not to come to the 11KBW GDPR conference is there?

Christopher Knight