Table of Contents
As a UK business owner, you likely invest time and effort to comply with the UK General Data Protection Regulation (GDPR). Most legislation lasts only several years or decades before being withdrawn or replaced. Recently, there has been some media speculation about whether Brexit will allow the UK Government to repeal the GDPR. This article will explore the likelihood of the UK scrapping the GDPR and what your business should do in the meantime.
Why is the GDPR Important?
The GDPR is an essential piece of UK data protection law. This is because it sets out numerous rules for UK businesses to follow, and in the event of a breach, the Information Commissioner’s Office can issue fines of up to £17.5m.
As you may already know, the GDPR is a lengthy and complex piece of legislation, making it unpopular among business owners, who view it as unnecessary red tape.
Fortunately, expert lawyers can simplify the GDPR into several core principles and provide suitable policies and documents.
Why Has Brexit Not Scrapped GDPR Laws Already?
The GDPR originated from the European Union, leading many to wonder why it remains in place. One answer is the UK Government was keen to implement the GDPR into UK law because it places a heavy emphasis on protecting personal information from unauthorised use.
So, whilst the UK Government can withdraw the EU GDPR from our law, it is not inclined to do so.
Naturally, governments are always aware of what is unpopular with business owners. For example, the UK Government is likely conscious that the ICO regime of financial penalties is unpopular. However, the whole point of ICO fines is to deter GDPR infringements.
Nevertheless, as time goes on and pressure from businesses grows, there may be calls for the GDPR to be simplified. Active European Union countries cannot ‘water down’ laws passed by the EU, but Brexit provides this opportunity to the UK Government.
Continue reading this article below the formCall 0808 196 8584 for urgent assistance.
Otherwise, complete this form and we will contact you within one business day.
A Simplified GDPR
Many business owners request that the GDPR laws be shorter and easier to understand.
The second point could be a less restrictive and punitive approach to ICO fines, with the possibility of a sliding scale approach and financial penalty caps within an updated GDPR. So, for example, the ICO could cap a first offence at £1m, a second offence at £5m and a third offence (or more) at £17.5m.
Finally, some business owners have pushed for parts of the GDPR to constitute guidance rather than binding rules. However, this is unlikely as the point of the GDPR is to set out all necessary data protection rules in the UK. Accordingly, creating two categories would hinder this.
Will the GDPR Be Removed Soon?
It is unlikely the UK Government will scrap the GDPR in the near future.
Whilst the Government is aware that GDPR compliance costs businesses time and money, it believes it necessary to safeguard the personal data of UK citizens.
Furthermore, it believes that suddenly scrapping the GDPR would undermine the previous time and effort spent on compliance. Many businesses have invested significant time and money in ensuring full GDPR compliance with their data management and IT systems.
Finally, the Government wishes to market the UK as one of the world’s best and most secure marketplaces and economies. The GDPR (and the existence of the ICO to referee UK organisations) provides confidence to outside investors in the ability of UK organisations to resist cyber-attacks and protect crucial data.
Key Takeaways
The GDPR has proven to be a divisive piece of data protection law. Whilst some business owners value its level of detail, others lament the time and cost involved in ensuring good levels of compliance. The ICO provides easy-to-understand online guidance to assist UK businesses, albeit they are open about handing out hefty fines for GDPR violations. For now, the GDPR is likely to remain in force. Accordingly, business owners should continue to ensure good levels of compliance.
If you need help ensuring full GDPR compliance within your business, our experienced Data, Privacy and IT lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 0808 196 8584 or visit our membership page.
Frequently Asked Questions
Following Brexit, our government can withdraw the GDPR and replace it with new UK regulations. However, many UK businesses perform business in Europe and would still need to comply with the EU GDPR to do so. Therefore, scrapping the GDPR would only benefit companies solely doing business in the UK.
The main benefit is certainty. Most UK organisations have started to get their heads around the GDPR rules and related ICO guidance. Changing the rules again would cause additional time and effort to ensure compliance with any replacement set of rules.
We appreciate your feedback – your submission has been successfully received.
