After several years of deliberation and uncertainty, on January 31st the UK exited the European Union and our attention has now turned to what this means in practice, not least for the UK’s data protection laws.

Over the last few years, both public and private sector organisations have made enormous efforts to plan and implement changes to their data protection practices to ensure compliance with the GDPR. Fortunately for those organisations, it is business as usual for GDPR which will continue to apply to the UK during the Brexit implementation period, which runs until the end of 2020.

After the implementation period ends, the GDPR will no longer apply in the UK. However, the Data Protection Act 2018 will continue to apply following the end of the implementation period, and the government intends to incorporate the provisions of the GDPR into UK law at that stage, meaning in practice there should be very little change.  

New exit regulations (The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019) have been passed which make technical amendments to aspects of the GDPR in order that they work from a UK only context.

The ICO has said,

“The ICO will continue to act as the lead supervisory authority for businesses and organisations operating in the UK. It is not yet known what the data protection landscape will look like at the end of the transition period and we recognise that businesses and organisations will have concerns about the flow of personal data in future.”

We will continue to post updates regarding any proposed changes to the UK’s data protection regime. In the meantime if your organisation requires advice on GDPR please do get in touch.

For more information please get in touch with one of our information law experts:

Our use of cookies

We use necessary cookies to make our site work. We'd also like to set optional analytics cookies to help us improve it. We won't set optional cookies unless you enable them. Using this tool will set a cookie on your device to remember your preferences. For more detailed information about the cookies we use, see our Cookies page.

Necessary cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytics cookies

We'd like to set Google Analytics cookies to help us to improve our website by collection and reporting information on how you use it. The cookies collect information in a way that does not directly identify anyone.
For more information on how these cookies work, please see our Cookies page.