Data protection law is one of the means by which interference with the right of privacy is prevented. Data protection law is complex, and capable of application in an extensive range of circumstances.
The legal basis for data protection changed with effect from 25 May 2018 when the Data Protection Act 1998 was repealed. Since then, data protection has been governed by the Data Protection Act 2018.
Since 1998 the UK data protection laws have been closely linked to EU law. Indeed the 1998 Data Protection Act was made into UK law following the implementation of EU directive (Council Directive 95/46/EC). The current data protection laws came into force in 2018 following the implementation of the General Data Protection Regulation (Regulation (EU) 2016/679)’.
Following the end of the Brexit Implementation Period the changes to UK data protection laws are set out in Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019, SI 2019/419. The effect of these Regulations is, among other things, to ‘merge’ the GDPR and the Applied GDPR, producing what is referred to as the ‘UK GDPR’.
In June 2021, the EU approved adequacy decisions for the EU GDPR and the Law Enforcement Directive (LED) to allow data to continue to flow, in the majority of circumstances, as it did before Brexit.
Our professionals advise and provide training sessions to ensure that our clients understand and have the resources in place to comply with the changes to UK data protection laws.