Do You Still Have to Follow GDPR after Brexit if You are in the UK? Yes

Do You Still Have to Follow GDPR after Brexit if You are in the UK Yes
Share the knowledge

GDPR and Brexit. It turns out that, much like old Mister Johnson’s cat, businesses in the UK just can’t get rid of GDPR, it keeps coming back. GDPR, which stands for the EU’s General Data Protection Regulation, went into effect in May of 2018, and January 31, 2021 marked the official date of Brexit, which was the United Kingdom’s official exit from the European Union. So one may wonder whether, now that the UK is no longer part of the EU, do businesses in the UK still have to comply with the requirements of GDPR? And the short answer is yes.

The reason that the answer is ‘yes’ is because the UK adopted and incorporated the provisions of GDPR into their own UK law; in fact the adopted regulations are known as UK GDPR (United Kingdom General Data Protection Regulations).

According to the UK’s Information Commissioner’s Office (ICO):

“The EU GDPR is an EU Regulation and it no longer applies to the UK. However, if you operate inside the UK, you will need to comply with UK data protection law. The GDPR has been incorporated into UK data protection law as the UK GDPR – so in practice there is little change to the core data protection principles, rights and obligations found in the UK GDPR. GDPR recitals continue to have the same status as before – they are not legally binding, they clarify the meaning and intention of the articles.”

This may lead you to wonder whether the UK GDPR replaces the UK Data Protection Act of 2018. It’s a good question, and the answer is that it doesn’t. As the ICO explains, “The Data Protection Act 2018 (DPA 2018) continues to apply. The provisions of the EU GDPR were incorporated directly into UK law at the end of the transition period. The UK GDPR sits alongside the DPA 2018 with some technical amendments so that it works in a UK-only context.”

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

So, yay, now if you are in the UK you have two different, but complimentary, data protection laws with which to comply. Of course, because you have been complying with the EU GDPR since 2018 (you have, right?), you don’t really have to worry about changing things to get into compliance with the UK GDPR, because it’s essentially the same as the EU GDPR (the key word there is “essentially”, as it’s not identical).

If you are in the UK, and you want information specifically about how to be data protection compliant in this post-Brexit, post-EU GDPR, and current UK GDPR, world, the place to start is the ICO’s FAQ about GDPR after the transition.

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.