Data Protection in the UK
Data protection in the UK is currently governed by the EU General Data Protection Regulation 2016/679 (GDPR) as applied by the UK’s Data Protection Act 2018 (DPA).
If the UK leaves the EU on March 29, 2019 as planned, the DPA will remain in place and the European Union (Withdrawal) Act 2018 – the legislative framework for the UK’s withdrawal (Brexit) from the EU – will incorporate the GDPR into UK law.
In March 2018, the UK and the EU reached political consensus on the terms of a transitional period that will start on March 29, 2019, until December 31, 2020. Such terms are intended to be included in the EU-UK withdrawal agreement, which is still being negotiated. If a transitional period is formally agreed on the proposed terms, common EU rules (including the GDPR) will continue to apply in the UK during such period.
Sidley Austin LLP provides this information as a service to clients and other friends for educational purposes only. It should not be construed or relied on as legal advice or to create a lawyer-client relationship. Readers should not act upon this information without seeking advice from professional advisers.
Attorney Advertising—Sidley Austin LLP, One South Dearborn, Chicago, IL 60603. +1 312 853 7000. Sidley and Sidley Austin refer to Sidley Austin LLP and affiliated partnerships, as explained at www.sidley.com/disclaimer.
© Sidley Austin LLP