Exit GDPR : The United Kingdom has decided to leave the GDPR, or at least no longer apply it. In a move aimed at reducing administrative burdens on businesses, GDPR will be abandoned. This decision was confirmed by the British government on March 9, 2023. UK companies will be freed from certain reporting obligations and restrictions, which is expected to save them over £4 billion (€4.5 billion) over a ten-year period.
The new rules will make it easier for companies to collect data without explicit consent from their users, facilitating research and development policies. The consent rules for cookie deposits will also be relaxed. In addition, the law will no longer require a company to hire a data protection officer, which is currently an obligation.
These changes have been welcomed by Julian David, director of TechUK, who has highlighted that companies can now conduct research and develop new technologies, such as artificial intelligence, with greater legal confidence. However, UK companies will still need to comply with European data protection regulations if they wish to do business in the European Union.
Exclusivité DPO PARTAGE
Vos questions sur le RGPD
Gratuitement, poser vos questions sur la conformité RGPD.
Une réponse sous 24/48h à votre problématique.
Ultimately, while abandoning the GDPR may reduce administrative burdens for UK companies, it may have limited impact on their ability to do business with the EU. Companies may choose to align with European regulations to avoid the coexistence of two different regimes internally.
As a consequence of leaving the GDPR, companies may collect data more easily without explicit user consent, which could be concerning for those who wish to protect their privacy. Consent requirements for cookie deposits will also be relaxed, which could lead to more intrusive targeted advertising.
On the other hand, if companies are no longer required to hire a data protection officer, this could lead to an increased risk of data breaches and cyber attacks. Companies will still be required to protect users’ personal data and comply with existing privacy rules, but this will depend more on their own initiative rather than strict regulation.