The General Data Protection Regulation (or “GDPR”) has already claimed one business in its quest to squash the rampant privacy breaches that organizations and nefarious actors have taken advantage of for years. In less than one year, GDPR still remains one of the most confusing topics for people in and outside of the European Union.
That then begs the question: What happens when the United Kingdom finally removes itself from the European Union’s extensive and wide-reaching legal framework? Does the GDPR still stay in effect? Does Parliament have a plan for the GDPR as it relates to citizens of the United Kingdom?
Common knowledge would dictate that the British government would certainly create a version of the GDPR that mirrors its neighbors, but that remains to be seen as we continue to explore the complexities of Brexit and just how much pressure is indeed on the government.
Businesses in the United Kingdom are still subject to the GDPR regardless of Britain’s legal status. When 29 March 2019 comes, a hard Brexit may make things excessively difficult for businesses trading within the European Union. In order to prepare for this eventuality, businesses that hold personal data of EU citizens should continue to apply strict scrutiny to that data and comply with the legal framework that exists.
Keeping in mind that while the legal framework will still be enforced, the Information Commissioner’s Office will be outside of the European Union’s European Data Protection Board, giving it no influence on the future of GDPR.
While it is virtually uncertain of how Brexit will affect the GDPR since the government cannot yet agree on the terms of the “divorce” from the European Union, one thing continues to remain certain: businesses must continue to remain vigilant as the clock ticks aggressively down to the end of the United Kingdom’s participation in the world’s largest economic bloc.
For more information on a no-deal Brexit, consider our free Efficiency First® Tool, How Businesses Should Prepare for a No-Deal Brexit.