Changes to data protection laws
The Information Commissioner’s Office (ICO) is a non-departmental public body which reports directly to Parliament and is sponsored by the Ministry of Justice. It is the independent regulatory office that deals with data protection laws in the UK.
The UK Information Commissioner, Elizabeth Denham has published a blog that confirms the government’s decision that the UK will be implementing the new EU General Data Protection Regulation (GDPR). These new regulations will see an EU-wide reform and modernisation of data protection laws from 2018.
The regulations include some welcome additions to existing data protection law including breach notification and data portability. The GDPR applies to both automated personal data and to manual filing systems where personal data are accessible according to specific criteria.
The Secretary of State Karen Bradley MP recently said:
‘We will be members of the EU in 2018 and therefore it would be expected and quite normal for us to opt into the GDPR and then look later at how best we might be able to help British business with data protection while maintaining high levels of protection for members of the public.’
The Information Commissioner was clear that for the time being the UK will be working towards compliance with the GDPR and at the same time looking at the long term future of UK data protection law post-Brexit. The ICO will be helping affected businesses with the introduction of the new GDPR rules by publishing advice and guidance for data controllers and data subjects alike.