The world we live in is changing in many ways, with the increasing use of technology playing a large part in this. Whilst many of these changes provide huge benefits, advances in technologies also generate a multitude of privacy issues. The potential for unauthorised use of personal data is ever increasing and in an attempt to control that, the EU data protection legal framework has undergone significant changes.
EU member states had previously implemented national data protection laws, to apply the old EU Data Protection Directive (95/46/EC), resulting in a fragmented approach to data protection across the EU. In an attempt to harmonise these laws as well as introduce a far more stringent approach to data protection, in 2012 the European Commission published a draft regulation - the General Data Protection Regulation “GDPR”.
GDPR came into force on 25th May 2018. As it is a Regulation it has direct effect in all Member States, without the need for further domestic laws to be implemented. Nonetheless, there are a number of areas within the Regulation where Member States are allowed to tailor national legislation, so whilst data protection law will be harmonised to an extent across the EU, some variation will remain. The piece of national legislation that tailors the GDPR within the UK is the Data Protection Act 2018.
Once the UK leaves the EU (either with no deal or at the end of any agreed transition period, if we leave with a deal), GDPR will form part of the UK as a result of the European Union (withdrawal) Act 2018, with some technical changes to make it work effectively in a UK context.
The links below are intended to give further information relating to the GDPR, looking at the background to this new legislation, key changes that it brings, actions that all data controllers and processors should be taking and that individuals should be aware of, how we can help businesses and organisations prepare for and comply with the new Regulation, providing regular blog posts on various aspects of data protection and the GDPR and a News and Events section providing updates on the legislation, advice given by the ICO and other regulatory bodies as well as news of events and seminars which we are running.