UK devises plan to share information for incoming GDPR and post Brexit

The Information Commissioner's Office (ICO) has published a five-year plan to enhance privacy protection for UK citizens. The ICO's top challenge is to operate as an effective, influential data protection authority (DPA) before and after Brexit. The plan acknowledges Parliament's commitment to introduce a data protection bill to implement the GDPR in 2018, ensuring the country's ability to share data after it leaves the EU. The ICO will provide the UK government with advice on the data protection implications of leaving the EU, help define the ICO's relationship with the European Data Protection Board (EDPB), continue to work as a member of the Article 29 Working Party, and engage the Council of Europe to explore Convention 108 as a data protection standard.

Looking past Brexit, the ICO will continue to link to DPAs in Commonwealth countries via the Common Thread Network and explore new relationships in the Asia-Pacific region. To help shape its international vision, the ICO will staff a new international strategy unit, but its ability to interface the EDPB and DPAs outside the EU will be shaped by Brexit negotiations. Until negotiations begin, the only sure bet is that the UK will embrace the GDPR come May 2018 as an EU member state – that's the law. But the odds favor the UK to uphold a high standard of data protection law and practice post-Brexit – that's the digital economy.

Sean Doherty

Analyst, Governance, Compliance, & eDiscovery

New Alert Set

"My Alert"

Failed to Set Alert

"My Alert"