Data protection (GDPR)
In May 2018 Europe upgrades to the General Data Protection Regulation (GDPR), the biggest overhaul of data protection and privacy since 1995.
Why you need to know
If you do business in or with Europe, GDPR applies to you, even if you are not located within Europe. It will also apply to UK businesses trading within Europe regardless of Brexit. The rules apply to the data you collect and use within your business as well as the data you collect and use in your web sites and apps.
A healthy approach to data protection and privacy will protect your business as well as your users in these politically uncertain times.
What will it mean for you
GDPR is a complete overhaul with upgraded rules and requirements for anyone collecting, processing, storing, and sharing personal data. The amount of work you will have to do to come into healthy compliance will depend on how familiar you were with the existing data protection and privacy rules. These rules, both old and new, are about everyday business processes, not tick boxes or legal statements.
What about after Brexit?
The UK is going into GDPR regardless of Brexit. The question is what comes after that.
- My guide to compliance for designers and developers
- EU GDPR resources
- ICO (UK) GDPR resources
- ICO data protection self-assessment
- ICO’s plain English GDPR briefing
- ROI Data Protection Commissioner
- FR: RGPD: le prochain grand défi de la protection des données
- GDPR national implementing legislation across Europe
- Full EU legal text of the GDPR
- Afterbrexit.tech side blog where I monitor EU tech policy through the Brexit process