British bosses may be as in the dark as everyone else is about how their firms will cope in a post-Brexit economy but they are adamant about one thing: the UK needs privacy laws which are aligned to the EU General Data Protection Regulation or they will suffer badly.
That is according to a new study by KPMG, whoch shows that 60% of UK chief executives believe that their ability to do business will be hindered once Brexit takes place if UK privacy rules are not at least equivalent to GDPR.
With the new legislation due to come into force in May 2018, statements issued by the UK Government suggest that the UK will adopt the GDPR while it negotiates its exit from the EU.
What remains to be seen is whether the GDPR is subsequently repealed and replaced with something else.
KPMG global privacy advisory lead Mark Thompson said: “The worry among this cohort of CEOs is understandable. Once GDPR is enforced, it will fundamentally alter the way we live, work and interact with technology, organisations and each other.
“This revolution will transform the scale, scope and complexity of personal information processed, with personal information being a core component of everything we do.”
He added that while the UK is likely to implement the GDPR, Brexit poses some uncertainty on what GDPR will mean to the UK post-Brexit. “It is critical to understand that if the UK is going to continue to trade with the EU this free flow of personal information must be maintained. As such we will need to have an ‘adequate privacy ecosystem’ in operation in the UK which is aligned to the requirements of the GDPR,” Thompson insisted.
“The Information Commissioner’s Office remains adamant regarding the need for strong, equivalent privacy law in the UK regardless of the outcome of Brexit. It therefore seems likely that a GDPR equivalent privacy framework will be here to stay and organisations should prepare accordingly.”
Under GDPR most organisations will need to make significant enhancements to their privacy environment and rethink the way they collect, store, use and disclose personal information.
Thompson concluded: “These changes are going to be complex and take time, as such, most organisations cannot afford to wait and see what form Brexit takes. Doing so would leave them with insufficient time to prepare.”
Related stories
Germans call for softly, softly approach to GDPR
ICO issues privacy notice warning in first GDPR code
ICO commits to data law overhaul despite Brexit win
Third of businesses still feel unprepared for GDPR
7,000 data protection officers needed for UK firms
Marketers clueless about Brexit impact on data laws
Data compensation claims ‘could run into millions’
EU sets May 25 2018 as GDPR implementation date
Industry on alert as EU reviews online privacy laws
Data consent ruling rocks industry
ICO evidence exposes mass abuse of the TPS rules
1,000 firms probed as ICO goes to war on rogue data
EU reforms put £300bn digital market in jeopardy
EU data reforms: the top 5 issues for marketers