By J. Rollins
The past 18 months since first blogging on this have past in the wink of an eye and we are now in the final month prior to GDPR taking effect. Although for many of you the concerns are still the same, there has been some progress in some of the points I made. The biggest being in the UK discussion. On that front, despite the UK triggering Article 50 of the Lisbon Treaty (this is actually what they did and is commonly called “Brexit”), the timing of the completion of their negotiations to leave the union are not complete and when May 25 rolls around next month and GDPR takes effect, the UK will technically still be a member state. In addition, the second reading of their new DPB (“Data Protection Bill”) is currently in the House of Lords. The DPB is the UK’s answer to the GDPR and will effectively update their standards to a 21st-century model and supplant those 1998 standards I wrote about in the initial blog. There are some differences that you should explore, especially if your company has locations in the UK as well as other EU member states – the biggest maybe being the appointment of a controller is in GDPR but not DPB. We believe it is still advisable to have this role for UK companies even though it is not required, but this is one of those areas you should discuss with counsel. There are other differences that deal with the age of children who can give consent regarding data privacy.
Still, even with experts, there is some uncertainty about what will really happen when Brexit occurs. There’s still a way to go on this deal and not a lot of time to do. We’ll do our best to stay informed and help our clients navigate this, but our strongest advice is to have a task force with counsel that focusses in this area to guide you through these coming months. Until then, we’ll keep tossing out questions you might want to ask!
Clearly there is a lot of political fallout over Great Britain’s recent vote to exit the EU – for days after the vote it dominated the news cycles. We all heard both the fear and support of the decision by the British people. We heard about immigration, defense, monetary policy and regulatory authority. And those are certainly all things citizens need to understand and debate, governments need to discern and minimize the fall out of what looks to be a very expensive divorce settlement for all involved.
But we’re an ethics company, and although interested in the political ramifications (it’s impossible after all to grow up and live in Washington DC without being a political junkie!), I came back to “what does this mean for my clients?” and “how do I counsel their ethics and compliance reporting strategies in light of Brexit?” [Read more…]