Prime Minister Boris Johnson has announced in a statement to the House of Commons that the UK will develop a separate and independent data protection policy even though it will finalize joint agreements with the EU in areas like FTA, aviation and civil nuclear cooperation.
While it is not clear if the independent data protection policy will involve any changes to the Data Protection Act of 2018 which was drafted in line with the European General Data Protection Regulation (GDPR), there will not be any changes to existing data protection rules during the Brexit transition period which will be in force until the end of 2020.
“The UK will in future develop separate and independent policies in areas such as (but not limited to) the points-based immigration system, competition and subsidy policy, the environment, social policy, procurement, and data protection, maintaining high standards as we do so,” said the Prime Minister in a written statement to the House of Commons on Monday.
Even though the UK will pursue independent policies in areas such as immigration, data protection, social policy, and procurement, it will enter into landmark agreements with the EU in areas like free trade, fisheries, internal security, aviation, and civil nuclear cooperation.
Britain may introduce fresh data protection policy after the Brexit transition period
The development comes just days after the Information Commissioner’s Office announced that until the end of the Brexit transition period at the end of 2020, “it will be business as usual for data protection.”
“The GDPR will continue to apply. Businesses and organisations that process personal data should continue to follow our existing guidance for advice on their data protection obligations. During the transition period, companies and organisations that offer goods or services to people in the EU do not need to appoint a European representative.
“The ICO will continue to act as the lead supervisory authority for businesses and organisations operating in the UK. It is not yet known what the data protection landscape will look like at the end of the transition period and we recognise that businesses and organisations will have concerns about the flow of personal data in future,” it added.
In February, former Cambridge Analytica staffer-turned-whistleblower Brittany Kaiser said that “Britain would need to pass strong privacy legislation to protect its citizens once they are no longer covered by EU law, which will apply until the end of a post-Brexit transition period that ends in December.”
Kaiser told Reuters that while it is not known “whether the UK will still be subscribing to GDPR after Brexit or writing their own legislation”, the UK needs to introduce fresh regulations around data privacy to prevent “future Cambridge Analytica scandals”.
“With less regulatory infrastructure it’s unarguable that people in the UK will be less protected,” she added.