ICO published general data protection regulation overview

The UK Information Commissioner’s Office ("ICO") has released an overview emphasizing the key themes of the General Data Protection Regulation ("GDPR") to enable organizations understand the new legal framework in the European Union.

The overview is directed at those organizations which have a day-to-day responsibility for data protection and illustrates the resemblance with the existing UK Data Protection Act 1998, and depicts some of the new and different requirements.

The ICO noted that once implemented in the European Union, the GDPR – that has several new features such as breach notification and data portability – will be relevant for many companies in the UK, most evidently those operating internationally.

IAB released several recommendations regarding how to deal with the GDPR

In addition to the above, the UK Internet Advertising Bureau ("IAB") organized a forum which addressed the possible implications of the Brexit vote on the UK’s digital advertising industry, and the GDPR.

In this regard, whatever the future relationship between the UK and the European Union holds, the GDPR will apply from 25 May 2018 to all companies processing personal data of individuals in the European Union in nearly all cases, regardless of where the company is located. Accordingly, the IAB recommends that companies take various practical steps to ensure adequate preparation for the GDPR.

We will continue to closely monitor and provide updates on future regulatory developments in this area. For further details and recommendations published by us on the GDPR, see our related special Client Update.