Data Protection, the GDPR and Brexit
- By Paul Sullivan
The UK Government recently published ‘a future partnership paper’ on the exchange and protection of personal data.
It is noted that the Government has conceded the point, highlighted in our recent blog post ‘Developments in Data Protection’, that the UK may still be bound by the GDPR post-Brexit.
Accordingly, this Paper may be construed in some quarters as something of a face-saving exercise on being confronted with the inevitable. Such prevarication may seem unhelpful to the anxious company director seeking clarity on how best to move forwards.
What is clear is that big changes in the regulation of data protection are going to happen within the next ten months. Whether these changes are referred to as the GDPR or the Data Protection Bill is of little consequence. What is of relevance is how we think about data in the future.
It is apparent that the increased penalties for any breach are of particular concern. It should, however, be noted that in the last year whilst the Information Commissioner’s Office (‘ICO’) considered over 17,000 cases, only 16 of these resulted in a financial penalty being imposed. Of those 16, none were at the current upper limit.
Indeed, the ICO suggests that the potential damage to a company’s reputation may prove to be a more effective means of ensuring their compliance.
For more information about this article, or any other aspect of our business and personal legal solutions, please give us a call on 028 9032 2998. There is no charge for initial telephone advice.