Image 1

UK will “opt-in” to GDPR

Article

Posted by , , on

Summary: The UK Government has confirmed it will implement the General Data Protection Regulation (GDPR). The deadline for implementation is May 2018, so if organisations have not yet started their compliance programmes they should do so now.

In her appearance before the Culture, Media and Sport Select Committee on 24th October 2016, Secretary of State for Culture, Media and Sport, Karen Bradley MP, stated that, as the UK will be a member of the EU in 2018 when the GDPR comes into force, it would be “expected and quite normal for us to opt-in to the GDPR”. The Minister indicated that GDPR would then be subject to a later review to evaluate how to best balance the interests of British businesses with the protection of the public.

It is perhaps a strange use of language to say the UK will “opt-in” as it has no choice if it is still in the EU in May 2018. This is an EU Regulation after all. And the UK will certainly now be in the EU, given that the timetable for the commencement of the two year Article 50 process may be extended considerably as the Courts have just ruled that Parliament needs to vote to trigger it (something that the Secretary of State probably had not anticipated when making her announcement).  

Elizabeth Denham, the Information Commissioner (ICO), has responded by saying that a revised timeline will be published this month setting out what areas of guidance for GDPR the ICO will be prioritising. More updates will follow from us as that guidance emerges.  

This site uses cookies to help us improve our services and your browsing experience. For further information about cookies, including about how to change your browser settings to no longer accept cookies, please view our privacy policy.