Just two years ago, the words ‘Brexit’ and ‘GDPR’ didn’t really exist in the non-profit sector’s vernacular. Google Trends now tells us the phrases are now trending at 100 (that’s the max score). The phrases are so popular that people are even Googling them at the same time.
So, Brexit and General Data Protection Reform; what do they have in common? And will Brexit affect GDPR? You asked Google, so here is the answer.
In a nutshell, Brexit will not affect GDPR at all. Not one bit.
What? Why? Well, the ICO (or Information Commissioner’s Office to you and I) is the UK’s regulatory body for everything to do with personal information. They’ve played a big part in providing guidance for the interpretation of GDPR in the UK and even input to its creation. They’re also in charge of enforcing it once it becomes live. They’re 100% behind GDPR.
But what about in the future after we are properly out of the EU? Well again, Brexit won’t affect GDPR. For starts, GDPR has worldwide implications. The EU represents about 750 million people and so most organisations around the world are having to assume that during day-to-day business, they’re eventually going to come into contact with an EU citizen’s personal information and therefore will need to be compliant (or at least have the relevant processes in place). So even if they don’t have a physical presence in the EU, the global scope means it’s not just EU originations that have to be compliant. It’s everyone.
Furthermore, it’s also highly unlikely that the ICO would want to reverse the tightened and updated data protection laws following the expected split in 2019. Organisations would already be compliant, the consumer is going to benefit from the tightened regulations and the 1998 Data Protection Act would be the fall-back – the current UK law written in dial-up internet days. Safe to say that it’s a bit out-of-date.
So overall despite GDRP being an EU framework, Brexit won’t have any bearing on its scope in the UK one little bit. Sorry to disappoint.