by Lorraine Tan, 25 Mar 2022 Introduction: The GDPR, or General Data Protection Regulation, is a regulation on data privacy and protection in the European Union. When it went into effect in May 2018, it was directly legally binding on all EU member states. Now that Britain has officially left the EU, does the GDPR still apply in the UK? What are the relevant changes in data protection law in our jurisdiction? EU-GDPR: Before the GDPR, the EU relied on Article 8 of the ECHR (the right to respect for private and family life) for data protection, but realised there were inconsistencies in the implementation of relevant guidelines across member states. The GDPR was drafted to overcome the unnecessary restrictions on cross-border data flows and to create a centralised system of legislation. Article 5 of the EU-GDPR outlines 7 key data protection principles, including: (1) Lawfulness, fairness and transparency, (2) Purpose limitation (organisations should only collect data for legitimate purposes), (3) Data minimisation (only process data necessary for the purpose), (4) Accuracy (individuals have the right to request erasure of inaccurate data), (5) Storage limitation (deleting data after it is no longer needed for its intended purpose), (6) Integrity and confidentiality, (7) Accountability (organisations providing documentation/proof of compliance). Article 6 of the EU-GDPR states 6 legal grounds for data processing, including: (1) Consent given by data subject, (2) Performance of a contract, (3) Compliance with a legal obligation (e.g. testifying in court), (4) Protecting the vital interests of a person in instances such as a medical emergency (5) Performance of a task in the interest of the public (e.g. safeguard public health/security), (6) For any other legitimate interest. UK-GDPR: Following Brexit in 2020, the EU-GDPR no longer applies in the UK. However, the House of Commons modified existing domestic data protection laws by merging EU-GDPR regulations with the Data Protection Act 2018, creating the UK-GDPR which came into effect on 1 Jan 2021. Its content and language is largely identical to the EU-GDPR. However, it is governed and enforced by UK agencies. EU authorities cannot hold the UK accountable for any violations. The UK-GDPR may be subject to change by the UK Parliament in the future. It is expected that UK authorities will review the UK-GDPR and change certain regulations. For example, the UK’s ICO (Information Commissioner’s Office) has proposed that instead of requiring individuals to select “I agree” on cookie pop-ups every time they visit a website, they should be able to select a long-term privacy preference on their computers for data collection. Impact of the transfer on businesses based in the UK: Data can still be transferred easily between the EU and the UK. Data can also be transferred to third countries (countries outside the EU) if the country is considered to have appropriate data safeguards in place. In addition, UK businesses must appoint an EU representative dealing with EU data matters if: (1) they are monitoring the behaviour of EU residents, or (2) they don’t have a branch/office in the EU. Any violations of the UK-GDPR so far? A man who used his Amazon Ring doorbell system to capture data of his neighbour was fined under the UK-GDPR. In response, Amazon issued a statement calling for buyers to “respect their neighbours’ privacy and comply with any applicable laws”. References: https://www.infosecurity-magazine.com/blogs/uk-gdpr-brexit-need-to-know/ https://www.itgovernance.eu/blog/en/the-gdpr-understanding-the-6-data-protection-principles https://www.theguardian.com/technology/2021/aug/26/uk-to-overhaul-privacy-rules-in-post-brexit-departure-from-gdpr https://gdpr-info.eu/art-6-gdpr/ https://www.webhosting.uk.com/blog/15-essential-facts-about-general-data-protection-regulation-gdpr/
0 Comments
2/1/2022 0 Comments An introduction to journey2lawHello and welcome to our blog: Journey2Law! Journey2Law is a platform founded by a student for students. Our founder, Basma El Hayani, is currently an Undergraduate Student studying International Politics and Sociology, keen to pursue a career in law and technology - 'legal tech'. Basma launched this initiative in hopes to inspire and help young students who do not have the opportunity to gain an insight into various careers. This initiative will provide students with work experience opportunities, events with top employers in their industry, competitions and much more. It’ll also be a place where they can increase their commercial awareness and read about the latest news, debates and affairs & that’s where the articles come in! We have a team of students interested in various careers including, law, technology, politics, business and engineering. They'll be sharing tips on how to secure top work experience and internship placements, current affairs and news as well as further career prospects. Journey2Law will also be hosting numerous events with law firms, chambers, technological companies and more, including, Clifford Chance, Travers Smith, IBM and Atos. This will give prospective students an insight into the sector and career they'd like to pursue. Our first event will soon go live, follow our Instagram: @journey2law_ for updates and subscribe to our newsletter to be the first to know about our updates, competitions and more exclusive content! Thank you for all of the support on behalf of our Journey2Law team. Keep sharing and spreading our platform to your teachers, friends and family! Journey2Law INSTAGRAM: @journey2law_ |