Another step towards a new data protection law

Posted by Jon Belcher on
Back in January we reported that the European Commission, the European Council and the European Parliament had finally agreed on a draft text for the General Data Protection Regulation (the GDPR).  The GDPR will harmonise and strengthen data protection law across the EU.  For more information on the key themes of this Regulation, and the changes it makes, see The new General Data Protection regulation is (almost) here.

A new regime for Data Protection in the EU

Following the publication of the Council's final approved draft earlier in April 2016, the final hurdle for the GDPR to overcome was approval from the European Parliament.  After a debate on Wednesday afternoon, the plenary unanimously approved the text on Thursday 14 April.

The text must now be published in the Official Journal of the EU, which we expect to happen in the next few weeks.  It officially enters into force 20 days after publication (Article 99, GDPR).  There will then be a two-year implementation period, meaning that it is expected to be in full force from Spring 2018.

Impact of potential "brexit" on the application of the GDPR

We cannot be sure how our relationship with the EU would be structured in the event that voters choose to leave it.  Nevertheless, it is likely that the UK authorities and the vast majority of businesses will still have to follow the provisions of the GDPR.  This is because the GDPR may well come into effect before the UK formally leaves the EU, the territorial scope of the GDPR is very broad and will capture businesses operating within the UK who provide services in the EU, and in any case the UK would need to implement similar legislation to ensure that personal data is able to continue to flow across the Channel in the event of a UK exit from the EU.

Preparations start now

Although Spring 2018 may seem a long way away, it will be on us quicker than we think.  Now is the best time for you to start thinking about whether your organisation can comply with the new rules.  For ideas how to do so, click here.

If you would like advice on any aspect of data protection or information governance, please get in touch with our specialist data protection lawyers who would be happy to help.  

We also offer a range of data protection training sessions. For more information or to book your place, click here.

To download our free GDPR guide click here.

About the Authors

Jon specialises in information governance law and advises on data protection compliance, information sharing and freedom of information issues.

Jon Belcher
Email Jon
029 2068 6268

View Profile

Sheilah gives her clients practical commercial advice on a range of issues including IP/IT, franchising, data protection and FOI.

Sheilah Mackie
Email Sheilah
023 8085 7039

View Profile