CEOs fear Brexit will leave firms out of step with GDPR

Business leaders express concerns over future of data protection

Brexit

CEOs are concerned that EU privacy rules will impact their ability to do business after Brexit, according to research by KPMG.

In a survey addressing 100 UK CEOs, 60% believed that their ability to do business will be impaired once Brexit takes place, if British privacy rules are not aligned with the incoming General Data Protection Regulation (GDPR).

Mark Thompson, global privacy advisory lead at KPMG, said: "The worry amongst this cohort of CEOs is understandable. Once GDPR is enforced, it will fundamentally alter the way we live, work and interact with technology, organisations and each other. This revolution will transform the scale, scope and complexity of personal information processed, with personal information being a core component of everything we do."

Ever since the European Commissionconfirmed the new privacy rules in April 2016to increase users' control over their personal data and strengthen data protection policies, many UK CEOs have become concerned that this could negatively impact on their businesses post-Brexit.

Once GDPR is enforced in May 2018,businesses that do not meet these rules will have to either pay sanctions of up to around 16.8 million (20 million), or 4% of their global annual turnover, whichever is higher.

Thompson said: "Whilst the UK is likely to implement the GDPR, Brexit poses some uncertainty on what GDPR will mean to the UK post-Brexit, it is critical to understand that if the UK is going to continue to trade with the EU this free flow of personal information must be maintained. As such we will need to have an 'adequate privacy ecosystem' in operation in the UK which is aligned to the requirements of the GDPR."

In September, the head of information commissioner's office (ICO) Elizabeth Denham toldBBC Radio 4that Britain should adopt the European legislation.

Denham said: "I don't think Brexit should mean Brexit when it comes to standards of data protection. In order for British businesses to share information and provide services for EU consumers, the law has to be equivalent."

Statements made by the UK government suggest the UK will try to adopt GDPR while negotiating its exit from the EU, but that it is likely to draw up equivalent legislation once it is no longer part of the EU.

Thompson said: "The Information Commissioner's Officeremainsadamant regarding the need for strong, equivalent privacy law in the UK regardless of the outcome of Brexit."

In order to prepare for GDPR after Brexit, Thompson suggested that organisations make significant improvements to their privacy control environment, rethinking the way in which they collect, store and use personal data.

Thompson said some immediate steps that companies could take to prepare for GDPR post-Brexit are to bring the implications of GDPR to the board's attention, understand the state of their current data protection rules, and to draw up a plan on bringing them in line with GDPR.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

Webhose and Signal Corp boost data breach detection
Security

Webhose and Signal Corp boost data breach detection

7 Oct 2020
COVID-19 and Brexit are rendering AI models redundant
Data & insights

COVID-19 and Brexit are rendering AI models redundant

23 Sep 2020
Federation of small businesses says tech vouchers needed to survive Brexit transition
SMB

Federation of small businesses says tech vouchers needed to survive Brexit transition

8 Sep 2020
The IT Pro Podcast: Cyber security post-Brexit
cyber security

The IT Pro Podcast: Cyber security post-Brexit

4 Sep 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
iPhone 12 lineup official with A14 Bionic chip and 5G support
Mobile Phones

iPhone 12 lineup official with A14 Bionic chip and 5G support

13 Oct 2020
Google blocked record-breaking 2.5Tbps DDoS attack in 2017
Security

Google blocked record-breaking 2.5Tbps DDoS attack in 2017

19 Oct 2020