Scribd
Upload
52 views3 pages

UK Data Protection Act 2018 (DPA ACT) - 2020 Update

The document discusses changes to UK data protection law after Brexit. It explains that the UK Data Protection Act 2018 was passed before Brexit to align with the EU GDPR, but after Brexit the UK has its own equivalent data protection laws called the UK-GDPR and amended UK Data Protection Act 2018. Under the new laws, UK users will have the same rights as EU users and UK organizations must still comply with the same requirements as the EU GDPR when processing personal data. The transition period runs until the end of 2020.

Uploaded by

simran yadav
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
52 views3 pages

UK Data Protection Act 2018 (DPA ACT) - 2020 Update

The document discusses changes to UK data protection law after Brexit. It explains that the UK Data Protection Act 2018 was passed before Brexit to align with the EU GDPR, but after Brexit the UK has its own equivalent data protection laws called the UK-GDPR and amended UK Data Protection Act 2018. Under the new laws, UK users will have the same rights as EU users and UK organizations must still comply with the same requirements as the EU GDPR when processing personal data. The transition period runs until the end of 2020.

Uploaded by

simran yadav
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

UK Data Protection Act 2018 (DPA ACT) | 2020 Update

The General Data Protection Regulation (GDPR) and Data Protection Act 2018 affect how you as a website owner
must obtain and store cookie consents from your visitors from the UK & EU.
 
Try our free compliance test to check if your website’s use of cookies and online tracking is GDPR compliant.

Updated  July 8, 2020.

The Data Protection Act 2018 (DPA ACT) is a domestic law governing the use of personal data
and the flow of information in the United Kingdom.
Brexit happened on January 31, 2020 and a new and amended Data Protection Act has taken
effect.
In this article, we dive into the Data Protection Act 2018 – what does the law say and how has it
changed after Brexit?

Data Protection Act 2018 - 2020 Update

So, the UK left the EU on January 31, 2020. This means changes to the legal landscape of
data protection in the United Kingdom.

The Data Protection Act 2018 was actually passed in April 2016 and took effect (received
Royal Assent) on May 25, 2018 – the same day as the European General Data Protection
Regulation (GDPR) went into effect.
This is no coincidence.

The UK Data Protection Act was passed before the Brexit referendum later that summer
and is in fact constructed around and meant to be read in conjunction with the EU GDPR,
that has uniform authority over all member states.

However, the UK has now effectively left the EU (Brexit happened on January 31, 2020) and
this has an impact on the future of data protection law in the UK.

Under the new UK-GDPR and the amended UK Data Protection Act, users in the United
Kingdom will have the same rights as users in the EU, and websites, companies and
organizations who collect or process data of users in the UK will have to comply by the
same requirements as those set out by the EU GDPR.The UK has been protected and
regulated by the European GDPR since May 2018, but now that the country has left the EU,
it has its own, equivalent set of data protection legislation. The transition period that took
effect on January 31, 2020 will run until December 31, 2020 – unless extended or absolved
on account of new deals agreed upon between the UK and EU. Under the new UK-
GDPR and the amended UK Data Protection Act, users in the United Kingdom will have
the same rights as users in the EU, and websites, companies and organizations who collect
or process data of users in the UK will have to comply by the same requirements as those
set out by the EU GDPR.

New Data Protection Act 2018 and a new GDPR


This new law is called UK-GDPR (United Kingdom General Data Protection Regulation)
and will be read in conjunction with the newly amended Data Protection Act 2018 (DPA
2018).
https://www.cookiebot.com/en/data-protection-act-2018/
In April 2016, the European Parliament adopted the GDPR, replacing its outdated Data
Protection Directive, enacted back in 1995. Unlike a regulation, a directive allows for each of the
twenty-eight members of the EU to adopt and customize the law to the needs of its citizens,
whereas a regulation requires its full adoption with no leeway by all 28 countries second. In this
instance, the GDPR requires all 28 countries of the EU to comply. For example, a U.S. airline is
selling services to someone out in the UK, although the airline is located in the U.S., they are still
required to comply with GDPR because of the European data being involved.

Accountability is the only new principle under GDPR – it was added to ensure companies
can prove they are working to comply with the other principles that form the regulation.
At it simplest, accountability can mean documenting how personal data is handled and
the steps taken to ensure only people who need to access some information are able to.
Accountability can also include training staff in data protection measures and regularly
evaluating and data handling processes.

You might also like