CEOs fear Brexit will leave firms out of step with GDPR

Business leaders express concerns over future of data protection

Brexit

CEOs are concerned that EU privacy rules will impact their ability to do business after Brexit, according to research by KPMG.

In a survey addressing 100 UK CEOs, 60% believed that their ability to do business will be impaired once Brexit takes place, if British privacy rules are not aligned with the incoming General Data Protection Regulation (GDPR).

Mark Thompson, global privacy advisory lead at KPMG, said: "The worry amongst this cohort of CEOs is understandable. Once GDPR is enforced, it will fundamentally alter the way we live, work and interact with technology, organisations and each other. This revolution will transform the scale, scope and complexity of personal information processed, with personal information being a core component of everything we do."

Ever since the European Commissionconfirmed the new privacy rules in April 2016to increase users' control over their personal data and strengthen data protection policies, many UK CEOs have become concerned that this could negatively impact on their businesses post-Brexit.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Once GDPR is enforced in May 2018,businesses that do not meet these rules will have to either pay sanctions of up to around 16.8 million (20 million), or 4% of their global annual turnover, whichever is higher.

Thompson said: "Whilst the UK is likely to implement the GDPR, Brexit poses some uncertainty on what GDPR will mean to the UK post-Brexit, it is critical to understand that if the UK is going to continue to trade with the EU this free flow of personal information must be maintained. As such we will need to have an 'adequate privacy ecosystem' in operation in the UK which is aligned to the requirements of the GDPR."

In September, the head of information commissioner's office (ICO) Elizabeth Denham toldBBC Radio 4that Britain should adopt the European legislation.

Denham said: "I don't think Brexit should mean Brexit when it comes to standards of data protection. In order for British businesses to share information and provide services for EU consumers, the law has to be equivalent."

Statements made by the UK government suggest the UK will try to adopt GDPR while negotiating its exit from the EU, but that it is likely to draw up equivalent legislation once it is no longer part of the EU.

Thompson said: "The Information Commissioner's Officeremainsadamant regarding the need for strong, equivalent privacy law in the UK regardless of the outcome of Brexit."

Advertisement - Article continues below

In order to prepare for GDPR after Brexit, Thompson suggested that organisations make significant improvements to their privacy control environment, rethinking the way in which they collect, store and use personal data.

Thompson said some immediate steps that companies could take to prepare for GDPR post-Brexit are to bring the implications of GDPR to the board's attention, understand the state of their current data protection rules, and to draw up a plan on bringing them in line with GDPR.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/business-strategy/startups/354539/uk-tech-investment-jumps-44-despite-brexit-uncertainty
startups

UK tech investment jumps 44%, despite Brexit uncertainty

15 Jan 2020
Visit/data-insights/data-management/354423/eu-us-data-transfer-tools-used-by-facebook-ruled-legal
data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019
Visit/cyber-security/34763/the-eu-calls-for-cyber-security-pact-with-post-brexit-uk
cyber security

The EU calls for cyber security pact with post-Brexit UK

6 Nov 2019
Visit/business-strategy/34447/can-the-uks-tech-sector-still-attract-investment-after-brexit
Business strategy

Can the UK tech sector still attract investment post-Brexit?

19 Sep 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/business-strategy/mergers-and-acquisitions/354602/xerox-to-nominate-directors-to-hps-board-reports
mergers and acquisitions

Xerox to nominate directors to HP's board – reports

22 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020