HomeInsightsInformation Commissioner’s Office considers impact of Brexit on European General Data Protection Regulation.


+44 (0)20 7612 9612

The ICO says that the result of the 23 June 2016 referendum on membership of the EU now means that the Government needs to consider the impact on the GDPR.

The future is clearly more uncertain since the referendum result, but while the detailed future may be different from what was envisaged before the vote, the underlying reality on which policy is based has not changed all that much, the ICO says.

The ICO has been working hard on producing a set of guidance on GDPR, with an overview of the law being the first substantive part of that.  The ICO still thinks it will be useful to publish this overview.  This is because once implemented in the EU, the GDPR will be relevant for many organisations in the UK, most obviously those operating internationally.  The other main reason is that the GDPR has several new features, for example breach notification and data portability.  Therefore, it will still be useful to familiarise information rights professionals with the GDPR’s main principles and concepts.

Similarly the ICO’s plan of what guidance to expect and when remains useful.  The timings might not be so rigid, but the explanations of what areas the ICO will be prioritising remain relevant.

With so many businesses and services operating across borders, international consistency around data protection laws and rights is crucial both to businesses and organisations, and to consumers and citizens, the ICO says.  The ICO’s role has always involved working closely with regulators in other countries, and that will continue to be the case.  “Having clear laws with safeguards in place is more important than ever given the growing digital economy”, the ICO says, and it will be speaking to Government to explain its view that reform of UK data protection law remains necessary.  To read the ICO’s blog post, click here.  To access the ICO’s overview of the GDPR, click here.