Brexit Won’t Affect Data Protection Obligations and Why Waiting For the Dust to Settle Will Cost You Money

The General Data Protection Regulation (GDPR) will still apply to British companies with Irish, German and other European users.

The Data Protection Act in the UK is a version of the previous EU data protection rules. New EU data protection rules came into force in May 2016. They are called the General Data Protection Regulation, and the UK will have to comply. Minutes after the referendum’s results were announced in June, the UK’s Information Commissioner’s Office (the British data protection authority) said clearly and decisively that UK companies will continue to abide by EU data protection rules. There are two reasons for this.

1- Digital Single Market. For UK startups and tech companies to be able to continue offering their services to mainland EU users, the country has to have equally adequate levels of data protection. One way to do this is to draft new and very strict UK privacy laws that match the obligations and restrictions in the GDPR. The alternative is to keep the GDPR as it is, since any new version would mirror it very closely. What happens if neither option is taken? EU users will be able to sue UK companies for not protecting their data, as in the case of Schrems v Facebook. That case resulted in the cancellation of Safe Harbour, the biggest transatlantic data protection treaty between the EU and the US, which had been in place for 15 years.

2- Companies have to comply with the new rules because transition takes time. Forget the image of a ticking clock that went off right after the referendum’s results. Brexit negotiations will only start when Article 50 is invoked. This decision is further delayed by the UK first having to choose a prime minister, which is scheduled for October. In the meantime, GDPR is already here.

The data must be freely given, rather than under the duress of not being able to access your services. It must also be requested in clear and plain language.

Why will it cost you money to “wait and see”?

Because the new data protection rules are already here. The ICO’s interim deputy commissioner stated that GDPR still applies to the UK. The new rules are very strict and have been equated to a Copernican revolution. The GDPR completely changes the rules of personal data processing that have applied since the old regime was adopted 20 years ago.

In June, Adobe, PepsiCo and Unilever were fined for failing to implement the appropriate mechanism for international data transfers. The same month, the UK’s ICO fined two local companies £260,000 for violating people’s privacy.

Find out how we can help your company get compliant today. Email us at solutions@detracker.eu