The Channel logo


By | John Leyden 3rd October 2016 11:38

ICO boss calls for EU-style data protection rules post-Brexit

Plus ça change

The UK’s new information commissioner reckons that a post-Brexit Britain should adopt data protection laws similar to those of, er... the EU.

Elizabeth Denham made the comments during her first speech (transcript here) as UK information Commissioner at an event in London last week. Denham said the EU’s General Data Protection Regulation (GDPR) directive will almost certainly come into force in the UK before Brexit is effected. Something similar will be needed to replace it even after the UK leaves the EU, she argued.

“The fact is, no matter what the future legal relationship between the UK and Europe, personal information will need to flow. It is fundamental to the digital economy,” Denham said. “In a global economy we need consistency of law and standards. The GDPR is a strong law, and once we are out of Europe, we will still need to be deemed adequate or essentially equivalent.

“Whatever data protection law we have post-Brexit, I expect to see organisations taking responsibility for their actions, no matter how quick the technological change,” she added.

The GDPR will introduce tougher breach disclosure rules and much higher fines for security screwups – of up to four per cent of a business’s annual turnover. Denham put a positive spin on the tougher regulations, arguing that compliance ought to act as a catalyst for positive change.

“We believe that future data protection legislation, post-Brexit, should be developed on an evolutionary basis, to provide a degree of stability and clear regulatory messages for data controllers and the public,” she explained. “GDPR is an incentive to improve your practices, to sharpen things up, and encourage organisations to look at things afresh.

“Legislative change does bring nervousness, but it also brings opportunity. These changes – stronger data protection law and enforcement – are aimed at inspiring public trust and confidence,” she concluded.

Janine Regan, a data protection specialist at law firm Charles Russell Speechlys, said: “These comments from the ICO are not surprising; the digital single market is worth billions and streamlined EU data protection laws is a fundamental component of that. Brexit from data protection will mean that the UK will lose significant influence over policy, strategy and a piece of the incredibly profitable digital single market pie.

“The UK needs to mirror EU law post Brexit in order to be an effective place to offer data analytics, data centres and international data management services,” she added. ®

comment icon Read 25 comments on this article or post a comment alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe