Rolling on the river
2cvz6M3
2cvz6M3
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
storageage<br />
Change is coming<br />
GDPR is set to shake up current data protecti<strong>on</strong> laws, and it is imperative<br />
that businesses embrace <strong>the</strong>se new regulati<strong>on</strong>s in order to survive<br />
T<br />
he UK felt <strong>the</strong> rumblings<br />
of a seismic socioec<strong>on</strong>omic<br />
and political<br />
shift this year. On 23<br />
June, <strong>the</strong> British public voted –<br />
narrowly – for <strong>the</strong> UK to leave <strong>the</strong><br />
European Uni<strong>on</strong>.<br />
Brexit chaos ensued, <strong>the</strong> prime<br />
minister resigned, <strong>the</strong> pound fell, and<br />
protests and petiti<strong>on</strong>s gained tracti<strong>on</strong>.<br />
Change is very much <strong>on</strong> <strong>the</strong> horiz<strong>on</strong><br />
for British and European citizens and<br />
businesses when <strong>the</strong> new PM invokes<br />
Article 50 of <strong>the</strong> Lisb<strong>on</strong> Treaty – <strong>the</strong><br />
formal procedure for leaving <strong>the</strong> EU.<br />
Will we have access to <strong>the</strong> single<br />
market? Will we be able to live abroad?<br />
Will we be able to recruit <strong>the</strong> top<br />
talent? Will immigrants still be allowed<br />
to cross our borders?<br />
There are so many political, ec<strong>on</strong>omic<br />
and social questi<strong>on</strong>s to which no<br />
<strong>on</strong>e really knows <strong>the</strong> answers. One<br />
questi<strong>on</strong> we can answer, however, is:<br />
will UK businesses be expected to<br />
comply with <strong>the</strong> EU General Data<br />
Protecti<strong>on</strong> Regulati<strong>on</strong> (GDPR)?<br />
The answer is categorically yes, and<br />
businesses that do not adhere to GDPR<br />
standards will be fine-riddled to <strong>the</strong><br />
point of collapse.<br />
All change<br />
GDPR is a shake-up of current data<br />
protecti<strong>on</strong> laws. It is designed to<br />
protect pers<strong>on</strong>al informati<strong>on</strong> in an<br />
‘If <strong>the</strong> EU GDPR was in<br />
force when this breach<br />
occurred, TalkTalk<br />
could have been hit by a<br />
potential fine of up to<br />
£70 milli<strong>on</strong> <strong>on</strong> top of<br />
o<strong>the</strong>r breach costs’<br />
>> Stephen Love, security practice lead<br />
for EMEA, Insight<br />
increasingly digital world. Under GDPR,<br />
<strong>the</strong> definiti<strong>on</strong> of pers<strong>on</strong>al data will be<br />
expanded to include <strong>on</strong>line identifiers,<br />
as well as biometric and genetic<br />
informati<strong>on</strong>. The proposed regulati<strong>on</strong><br />
was finally agreed by <strong>the</strong> European<br />
Parliament earlier this year and will<br />
come into effect <strong>on</strong> 25 May 2018.<br />
Effectively, <strong>the</strong> EU GDPR will<br />
harm<strong>on</strong>ise those businesses that trade<br />
in and out of Europe, by requiring<br />
those organisati<strong>on</strong>s to ensure an<br />
adequate level of protecti<strong>on</strong> for <strong>the</strong><br />
rights and freedoms of individuals in<br />
relati<strong>on</strong> to <strong>the</strong> processing of <strong>the</strong>ir<br />
pers<strong>on</strong>al data, as specified by <strong>the</strong><br />
regulati<strong>on</strong> itself.<br />
Post-Brexit situati<strong>on</strong><br />
Regardless of whe<strong>the</strong>r <strong>the</strong> UK is in or<br />
out of <strong>the</strong> EU, UK companies are still<br />
likely to be subject to <strong>the</strong> GDPR.<br />
GDPR will apply, as Kirsten Whitfield,<br />
director of Gowling WLG’s tech team,<br />
says, ‘if pers<strong>on</strong>al data from <strong>the</strong> EU is<br />
transferred to a n<strong>on</strong>-European<br />
Ec<strong>on</strong>omic Area country’.<br />
Any organisati<strong>on</strong> holding EU citizen<br />
data is bound by <strong>the</strong> regulati<strong>on</strong>.<br />
Indeed, even those companies that<br />
are not receiving pers<strong>on</strong>al data from<br />
an EU country but ‘targeting goods<br />
and services at an EU market<br />
through pers<strong>on</strong>al profile data of<br />
EU citizens will still fall under <strong>the</strong><br />
GDPR’, remarks Whitfield.<br />
There are so many scenarios –<br />
even where a business’s IT provider<br />
is based – irrespective of future<br />
UK legislati<strong>on</strong>, that will dictate<br />
whe<strong>the</strong>r a company is in breach<br />
of <strong>the</strong> impending GDPR. It is<br />
imperative, <strong>the</strong>refore, to get GDPRready,<br />
or face <strong>the</strong> c<strong>on</strong>sequences.<br />
September 16 informati<strong>on</strong>-age.com<br />
27