How we deal with data protection within the EU significantly changed on 25th May 2018. The vast majority of the population are aware of the coming into force of the General Data Protection Regulation due to the abundance of emails in their inbox providing them with updated Privacy Policies or asking them for consent to use their personal data. However, less well publicised was the fact that on the same date, the UK’s Data Protection Act 2018 received the Royal Assent. So what does the Data Protection Act 2018 differ from the GDPR?
Firstly, the GDPR has direct effect across all EU member states. Organisations must comply with this regulations and will still have to look to the GDPR for most legal obligations. However, the GDPR gives member states limited opportunities to make provisions determining how particular terms will apply in their own country. One part of the Data Protection Act 2018 will deal with these areas so must be read alongside the GDPR.
In contrast, the Data Protection Act 2018 is obviously only applicable within the UK. Beyond setting out how the UK is to apply various sections of the GDPR, it also deals with the following: