UK ‘will implement EU data protection laws in spite of Brexit’
The UK will implement the EU General Data Protection Regulation (GDPR) in spite of Brexit, according to a specialist London firm.
The new regulation, which enters force on 25 May 2018, introduces major changes throughout the EU around the appointment of data protection officers, risk assessments, and the notification of authorities where a data breach has been detected.
It also provides for heavy penalties for companies that are in breach of the regulation, including fines of up to 4 per cent of global turnover or €20 million (whichever is greater) in the case of non-compliance.
Eileen Weinert of media law specialist practice Wiggin told The Brief: “The GDPR will survive this bloody severance of the UK from the EU. Any business offering goods or services into the EU will need to comply with the GDPR.
“It has, in that sense, extraterritorial effect. Plus the concept of citizens of the EU being afforded privacy rights over their data has caught on. Will UK citizens be willing to give up those rights?”
Ms Weinert said the GDPR will remain in place, “much like vast swathes of EU law woven into the fabric of UK legislation over the last 40 years”.