CEOs fear Brexit will leave firms out of step with GDPR

Business leaders express concerns over future of data protection

Brexit

CEOs are concerned that EU privacy rules will impact their ability to do business after Brexit, according to research by KPMG.

In a survey addressing 100 UK CEOs, 60% believed that their ability to do business will be impaired once Brexit takes place, if British privacy rules are not aligned with the incoming General Data Protection Regulation (GDPR).

Mark Thompson, global privacy advisory lead at KPMG, said: "The worry amongst this cohort of CEOs is understandable. Once GDPR is enforced, it will fundamentally alter the way we live, work and interact with technology, organisations and each other. This revolution will transform the scale, scope and complexity of personal information processed, with personal information being a core component of everything we do."

Ever since the European Commissionconfirmed the new privacy rules in April 2016to increase users' control over their personal data and strengthen data protection policies, many UK CEOs have become concerned that this could negatively impact on their businesses post-Brexit.

Once GDPR is enforced in May 2018,businesses that do not meet these rules will have to either pay sanctions of up to around 16.8 million (20 million), or 4% of their global annual turnover, whichever is higher.

Thompson said: "Whilst the UK is likely to implement the GDPR, Brexit poses some uncertainty on what GDPR will mean to the UK post-Brexit, it is critical to understand that if the UK is going to continue to trade with the EU this free flow of personal information must be maintained. As such we will need to have an 'adequate privacy ecosystem' in operation in the UK which is aligned to the requirements of the GDPR."

In September, the head of information commissioner's office (ICO) Elizabeth Denham toldBBC Radio 4that Britain should adopt the European legislation.

Denham said: "I don't think Brexit should mean Brexit when it comes to standards of data protection. In order for British businesses to share information and provide services for EU consumers, the law has to be equivalent."

Statements made by the UK government suggest the UK will try to adopt GDPR while negotiating its exit from the EU, but that it is likely to draw up equivalent legislation once it is no longer part of the EU.

Thompson said: "The Information Commissioner's Officeremainsadamant regarding the need for strong, equivalent privacy law in the UK regardless of the outcome of Brexit."

In order to prepare for GDPR after Brexit, Thompson suggested that organisations make significant improvements to their privacy control environment, rethinking the way in which they collect, store and use personal data.

Thompson said some immediate steps that companies could take to prepare for GDPR post-Brexit are to bring the implications of GDPR to the board's attention, understand the state of their current data protection rules, and to draw up a plan on bringing them in line with GDPR.

Featured Resources

Seven steps to connect and empower your frontline workers

How business leaders can improve communication with a secure platform

Free download

Create what’s next

The future of collaboration and productivity

Free Download

Leveraging the cloud without relinquishing control

Your data. Their cloud.

Free download

Re-architecting for nonstop innovation

Unlocking productivity, scalability, and lower costs for cloud natives

Free Download

Recommended

UK devising EU-alternative mechanism for global data sharing
data protection

UK devising EU-alternative mechanism for global data sharing

5 May 2021
The IT Pro Podcast: Navigating Brexit data transfers
data protection

The IT Pro Podcast: Navigating Brexit data transfers

5 Feb 2021
Border force reliant on 26-year-old tech due to digital upgrade delay
digital transformation

Border force reliant on 26-year-old tech due to digital upgrade delay

9 Dec 2020

Most Popular

Looking beyond the obvious: What’s best for multi-cloud?
Sponsored

Looking beyond the obvious: What’s best for multi-cloud?

8 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'
virtualisation

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021
How to speed up Microsoft's Windows 11
Microsoft Windows

How to speed up Microsoft's Windows 11

9 Nov 2021