ICO: Future UK Data Protection Laws Must Equal Those Of EU

The Information Commissioner’s Office (ICO) says future data protection regulations will have to be as strong as those afforded by the EU if the UK wants to continue trading with the bloc once it leaves.

It comes after the United States and the EU agreed to strengthen the Privacy Shield agreement, but with the UK opting to leave the European Union, direction was needed for firms operating in this country.

Data Protection Act

“The Data Protection Act remains the law of the land irrespective of the referendum result,” said an ICO spokesperson.

“If the UK is not part of the EU, then upcoming EU reforms to data protection law would not directly apply to the UK,” said the spokesperson. “But if the UK wants to trade with the Single Market on equal terms we would have to prove ‘adequacy’ – in other words UK data protection standards would have to be equivalent to the EU’s General Data Protection Regulation (GDPR) framework starting in 2018.”

The GDPR has been in the planning since January 2012, and it aims to give citizens back control over their data in the digital age, including the right to be forgotten. It also imposes stiff financial penalties on businesses for not protecting data.

The European Parliament officially approved the GDPR in April this year and it is set to become law in 2018, by which time the UK will no longer be part of the European Union.

“With so many businesses and services operating across borders, international consistency around data protection laws and rights is crucial both to businesses and organisations and to consumers and citizens,” said the ICO spokesperson. “The ICO’s role has always involved working closely with regulators in other countries, and that would continue to be the case.”

“Having clear laws with safeguards in place is more important than ever given the growing digital economy, and we will be speaking to government to present our view that reform of the UK law remains necessary,” said the ICO spokesperson.

Data Protection

The ICO’s statement reveals that the UK will have to have a similar law in place if it is to match the  GDPR in 2018. That law replaces the Data Protection Directive that was introduced in 1995, and it takes into account the arrival of the Internet, smartphones, and social networking.

The GDPR includes powers to issue hefty financial penalties. Companies that do not comply with its strict new requirements could face fines of up to 4 percent of their global revenue for the previous year, or 20m euros (£15.8m) depending on which is greater.

In the UK for example, the maximum current penalty (under the UK Data Protection Act) stands at just £500,000.

Earlier this year nearly 80 percent of UK medium and large businesses said they were not confident they will be able to comply with the GDPR regulations.

How much do you know about the European Commission? Take our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

View Comments

  • The next James Bond will just be a movie of 007 spending 2 hours in passport control at De Gaulle by the looks of it.


Recent Posts

OpenAI, Broadcom In Talks Over Development Of AI Chip – Report

Rebelling against Nividia? OpenAI is again reportedly exploring the possibility of developing its own AI…

16 hours ago

Microsoft Outage Impacts Airlines, Media, Banks & Businesses Globally

IT outage causes major disruptions around the world, after Crowdstrike update allegedly triggers Microsoft outages

19 hours ago

GenAI Integration Efforts Hampered By Costs, SnapLogic Finds

Hefty investment. SnapLogic research finds UK businesses are setting aside three-quarters of their IT budgets…

1 day ago

Meta Refuses EU Release Of Multimodal Llama AI Model

Mark Zuckerberg firm says European regulatory environment too ‘unpredictable’, so will not release multimodal Llama…

2 days ago

Synchron Announces Brain Interface Chat Powered by OpenAI

Brain implant firm Synchron offers AI-driven emotion and language predictions for users, powered by OpenAI's…

2 days ago