back to article Brexit will happen. The EU GDPR will happen. You can't avoid either

Article 50, the process for Britain’s formal withdrawal from the European Union, is looming. Upon the conclusion of Article 50, data centres resident in Britain will no longer be subject to EU data protection rules. Today, UK data centres are bound by the EU Data Protection Directive (95/46/C), which was in turn based on the …

  1. Stretch

    Civil War

    More people need to be talking about taking up arms against the racists.

    1. fajensen

      Re: Civil War

      Good plan. We just need to agree on who the racist are.

      1. Anonymous Coward
        Anonymous Coward

        Re: Civil War

        Don't worry. The Graun readers have decided that EVERYBODY who voted leave is a racist (incidentally, the second worst slur the lefities have - the ultimate big boy is "Daily Mail reader").

        According to the Spectator the Graun is going to shut its comment forums presently, so the Reg will be soon be even more contaminated with digital refugees, coming here to vent their socialist bile and hatred of democracy.

        1. Rich 11 Silver badge

          Re: Civil War

          Poor AC. Did someone call you out on your racism? Were your feelings hurt?

          1. Doctor_Wibble
            Paris Hilton

            Re: Civil War

            Given the complete loss of all and any sense of humour and inability to recognise sarcasm when it comes to anything around the referendum, I have no idea if this, or the AC to which it was addressed, were intended sarcastically or not.

            We are here because the combined forces or our glorious leaders and supposedly intellectual superiors failed (and lost ground against, how FFS) to win over what were apparently just a bunch of old uneducated xenophobes.

            The day when people stop letting the referendum prod them into being crap to each other really can't come soon enough.

            1. IsJustabloke
              Stop

              Re: Civil War

              @doctor_wibble

              "what were apparently just a bunch of old uneducated xenophobes"

              Or possibly very well educated people who found reasons other than "blimmin' forinnners" to vote exit.

              1. KeithR

                Re: Civil War

                "Or possibly very well educated people who <emfound reasons other than "blimmin' forinnners"</em> to vote exit."

                Of which there are NONE.

                Seriously.

                1. imanidiot Silver badge

                  Re: Civil War

                  "Or possibly very well educated people who <emfound reasons other than "blimmin' forinnners"</em> to vote exit."

                  Of which there are NONE.

                  Seriously.

                  Citation needed.

                  Because the way the EU is now trying to steal the pensions funds (BTW, until the UK is out the UKs and the Netherlands pension funds, which form the vast majority of pension savings funds within the EU, are still at risk. Look into the recently passed EU wide pension legislation), the way the EU is trying to backdoor in an EU wide army, the way the EU is trying to backdoor a federation, the way the EU is trying to backdoor and backroom handle trade negotiations like TTIP and CTIP and the way the EU is trying to backdoor and closed door backroom handle many many other less than popular legislations cannot POSSIBLY be a reason to vote for Leave. Nope, just "blimmin forinrs"...

                  Maybe you should step out of your little bubble and meet some people from other walks of life. You seem to have been infected with EU propaganda. And if you really think all those who voted leave are ignorant racists it bloody well falls on the Remain campaign for failing to actually, you know, campaign and explain people PROPERLY why remain is the better option. Instead of going doom mongering.

            2. Doctor_Wibble

              Re: Civil War

              @ IsJustabloke

              That's what I was getting at but an upvote because maybe these things do sometimes need to be spelt out though I had really been hoping the sarcasm wouldn't miss...

            3. Solmyr ibn Wali Barad

              Re: Civil War

              "Given the complete loss of all and any sense of humour and inability to recognise sarcasm when it comes to anything around the referendum"

              This is indeed a great loss. Quite possibly the worst harm caused by all that Brexit brouhaha.

              As one fellow commenter half-jokingly quipped: British sense of humour is about the only thing why Brits are really needed in the EU.

              Yes, mentality is pretty darn important. With that in peril everything else is in peril. Economic matters can be resolved eventually, given enough time and effort, maybe with a need to suffer few years of hardship along the way. Trust, however, is very hard to regain. And a society so bitterly divided may take a whole generation to heal.

              On the other hand it's not uniquely British problem. Great divisions over small(ish) issues seem to become normal all over the world. Like it was an alien mindbug or something like that. About the only thing a sane person can do is to be cautious and not go along with mindlessly screaming hordes. Oh, and keep the sense of humour intact.

        2. Triggerfish

          Re: Civil War

          Sorry AC are you calling people out for labeling people while actually doing it yourself? I can't tell, are you being sarcastic or are you just a bit thick?

        3. heyrick Silver badge
          Unhappy

          Re: Civil War

          "decided that EVERYBODY who voted leave is a racist"

          Probably because the rest of the names for you deranged selfish twats would result in complaints to the Press Complaints Commission...

          1. Jeff Lewis

            Re: Civil War

            Ok.. I swear - I read this AFTER my post. This made me laugh in the good way. :)

        4. Tom Paine

          Re: Civil War

          Don't you think racism is a Bad Thing, then?

        5. Tom Paine

          Re: Civil War

          Can you produce a single instance of anyone making that claim, anywhere? No? Why, it's almost as if you were erecting a straw man in order to have something to flail angrily against, or something...

        6. WookieBill

          Re: Civil War

          As a fully signed up member of the Guardian reading London Metropolitan Elite I feel the need to point out you are quite wrong, your not Daily Mail readers or Racists, you are Daily Mail reading Racists! :-)

          In all seriousness though, the Guardian closing its comments section is probably good news, the way the Indie's comments section has gone is horrendous, Calling many of commentators there racist is an insult to racists and I would hate to the Guardian turn into the cesspool of full on (Islamophobic) hate that is the Indie's comments section is these days.

          1. KeithR

            Re: Civil War

            "you are Daily Mail reading Racists!"

            Knuckle-dragging Daily Mail reading Racists, to be completely accurate...

        7. TVU Silver badge

          Re: Civil War

          "Don't worry. The Graun readers have decided that EVERYBODY who voted leave is a racist (incidentally, the second worst slur the lefities have - the ultimate big boy is "Daily Mail reader").

          According to the Spectator the Graun is going to shut its comment forums presently, so the Reg will be soon be even more contaminated with digital refugees, coming here to vent their socialist bile and hatred of democracy."

          The Guardian is wrong for not all those who voted Leave are racists. They are also ignorant, ill-informed, ill-educated, Europhobes, xenophobes and Polish-haters too.

          Leave only had a marginal win at best and that win was only based on outright lies (the most egregious of which was that all EU money was going to be diverted to the NHS) and scaremongering about immigrants (like the leaflet that implied that the whole of the Turkish population was coming to the UK).

          The Leave campaign made it acceptable to express hate in both verbal and physical form and that has very tragically led to some murders too. Yet no one from the Leave campaign, or supporters thereof, have condemned these attacks.

          It is also a blatant falsehood to claim that only voters of the left voted to remain to within the EU for many millions of voters of the centre and centre-right also voted to remain in the EU.

          1. Martin Summers

            Re: Civil War

            "The Leave campaign made it acceptable to express hate in both verbal and physical form and that has very tragically led to some murders too. Yet no one from the Leave campaign, or supporters thereof, have condemned these attacks."

            What an incendiary and disgusting comment to make. No campaign made it acceptable to do anything. Least of all to murder or abuse someone. None of that is acceptable in any way shape or form ever.

            What I do know is, the world didn't end, world war 3 (and yes that was predicted by someone very central to the remain campaign) did not happen and that people did not have to have the fear of God put into them to scare them to vote a certain way. As another poster said above, plenty of people had many reasons that were nothing to do with xenophobia for leaving the EU. How dare you tar everyone with the same brush.

            1. heyrick Silver badge

              Re: Civil War

              "What I do know is, the world didn't end,"

              It is well worth noting that you had a referendum. Supposedly non-binding through the current leadership is treating it as a mandate.

              Brexit, itself, hasn't happened yet.

              1. Martin Summers

                Re: Civil War

                If it wasn't binding it wouldn't be a democracy. You're damn right its a mandate and people need to get over themselves and accept that. Brexit hasn't happened yet no, had you heard the hysteria at the time you would have thought the world was going to end as soon as a decision to leave was made. The world will not end when Brexit does happen either.

                I doubt anyone is going to come back to these comment pages so long after the story being published but I thought I'd reply!

                1. KeithR

                  Re: Civil War

                  "If it wasn't binding it wouldn't be a democracy. "

                  You apparently don't know what "democracy" means or how it works, Martin...

                  1. Martin Summers

                    Re: Civil War

                    And to be honest Keith. From your comments I can ascertain you're an idiot, but I'm hoping you're just trolling as I'd hate to think there were actually people with your opinions out there.

                    1. heyrick Silver badge

                      Re: Civil War

                      @ Martin : Sorry. Having a big mouth doesn't automatically mean you're correct. It WAS proposed as a non binding advisory referendum. Don't take my word for it, read: https://hansard.parliament.uk/commons/2016-09-05/debates/1609058000001/EUReferendumRules

                      1. Martin Summers

                        Re: Civil War

                        @heyrick

                        Did I ever say it wasn't advisory? Jeez you muppet try reading for God's sake. However, the people voting would expect the result to be binding regardless. I doubt the leave campaign would have been crying like babies that they didn't get the result they wanted and asking for another referendum. Nor would they be blathering on about it being advisory. As a leave campaigner I would have accepted a result to stay in as the will of the people. Quite simple really.

                        1. heyrick Silver badge

                          Re: Civil War

                          You said, and I quote: "If it wasn't binding it wouldn't be a democracy." What the hell is a binding advisory referendum supposed to be? If it is binding then it isn't advisory. Quite simple really.

                          "I doubt the leave campaign would have been crying like babies that they didn't get the result they wanted and asking for another referendum." Actually I believe that's EXACTLY what Farage was saying when he originally thought the result was going to be Yes.

                          Plus, the big poll for having a second referendum was started by a leave supporter.

                          But, hey, pretty much the entire leave campaign has been a whole lot of bullshit, what's a little more, eh?

            2. KeithR

              Re: Civil War

              "What an incendiary and disgusting comment to make."

              No less true, for all that.

              "people did not have to have the fear of God put into them to scare them to vote a certain way"

              Bullshit!

            3. Stephen 1

              Re: Civil War

              @Martin Summers

              The world war three statement was made by Boris Johnson, pretty sure he had something to do with the Leave campaign. Of course he was lying, but now you know who said it, it seems rather superfluous to point that out.

        8. Jeff Lewis

          Re: Civil War

          Actually, we decided that all Leavers were pathologically deranged, morally reprehensible, gullable, mentally-damaged cretins.

          Then we realised that there were FAR too many syllables in that for them to understand, so we went with 'racists'.

          It was easier.

      2. Bloakey1

        Re: Civil War

        "Good plan. We just need to agree on who the racist are."

        Kill them all. God / Farage will recognise his own.

        Can we start on the politicians, journalists, estate agents, lawyers and priests when we finish. After that we can get the Windows / Linux / Mac users {1.} up against the wall

        1. Delete inapplicable.

        1. Blain Hamon
          Joke

          Re: Civil War

          "After that we can get the Windows / Linux / Mac users up against the wall"

          Meanwhile, the Amiga users would be rubbing their hands together, saying, "Soon, revenge shall be ours!"

    2. Tom Paine

      Re: Civil War

      True, but pretty irrelevant to this story.

    3. Van

      Re: Civil War

      I don't get it, i must have called 100,000 people racist, but we still lost :(

      ;)

  2. Baldy50

    Not a bit arsed!

    Norwegian server for me, data going to be collected anyway at every turn and shared/misused of course and if you don't put anything out there you don't want leaked fookum!

  3. Voland's right hand Silver badge

    Too early to say

    data centres resident in Britain will no longer be subject to EU data protection rules.

    This is only relevant if they will have any Eu business. That depends on DPR, taxation, VAT rules between UK and Eu and god knows what else.

    Looking at any tea leaves before these are resolved is rather pointless. If the "hard line" of current BrExit secretary is to be implemented, there may be very little business in the first place so nothing to worry about from that perspective. It will be more appropriate to worry about getting that potato picker job in Lincolnshire to replace the evicted Eastern European migrants.

    If a softer line is followed we need to see what will be the actual regs.

    In any case, regardless of the softness or hardness of the negotiation line, UK-only Datacenter operators of the "physical server" variety are looking at lost business. Business does not like uncertainty - they will move somewhere where they can colocate without worrying about all of it. Cloudy/Virtualized providers who have facilities in both Eu and UK will just see some move from left pocket to right pocket + conversions as their ability to move the processing to the correct location becomes a major selling point.

    1. Anonymous Coward
      Anonymous Coward

      Re: Too early to say

      Looking at any tea leaves before these are resolved is rather pointless

      Au contraire, examining all the possibilities, ranking them by probability and looing at what mitigations to take for those with the biggest potential impact is all about effectively managing a company.

      Look what just sitting and waiting ant not preparing did for our Govenment's Brexit strategy.

      1. Voland's right hand Silver badge
        Joke

        Re: Too early to say

        Au contraire, examining all the possibilities, ranking them by probability and looing

        Fair point. Touche.

        We shall be LOOING then. That is probably a 21st century version of the privy council.

  4. Len
    Thumb Up

    Just move your business before actual Brexit

    We are in the process of moving all our data and company registration to Amsterdam.

    It's a bit of a hassle but worth it in the long run. We will not be held hostage to entirely unpredictable processes. Is the UK going to leave the EU? If so, when? Which EU regulations will the UK gov. still want/have to implement post-Brexit? Which regulation will change? Will that be for the better or worse? How much extra burden is having to comply with both UK and EU regulations? etc. etc.

    By moving to a country that will stay in the EU any Brexit risk is then only impacting our UK customers, for the majority of our customers nothing changes. Far better than the other way around.

    1. imanidiot Silver badge

      Re: Just move your business before actual Brexit

      moving ... to Amsterdam.

      By moving to a country that will stay in the EU

      Given current unhappyness about government policy and the rise of EU skeptic political parties in the Netherlands, I have my doubts you should be so certain about that. I do believe however if it comes to the Netherlands leaving the EU it will be because the project has finally just failed so miserably it just falls apart. Doing so at the moment imho would probably have a massive negative impact on our economy (even if it IS the smart/right thing to do).

      1. Anonymous Coward
        Anonymous Coward

        Re: Just move your business before actual Brexit

        Put it on a truck and just keep it driving around the EU.

        1. just another employee

          Re: Just move your business before actual Brexit

          or stick it on a boat and call it Caroline...

        2. Wensleydale Cheese

          Re: Just move your business before actual Brexit

          "Put it on a truck and just keep it driving around the EU."

          Sun had the idea of a data centre in a truck, for disaster recovery purposes.

          DEC had the same idea too, but a few years before.

      2. Len

        Re: Just move your business before actual Brexit

        Of course we have looked into this risk and the actual chances of the Netherlands leaving the EU are minute.

        Only one of the Dutch political parties (the far-right PVV of Geert Wilders) has ever favoured leaving the EU. They have gone remarkably quiet on this specific topic since the British referendum as the Dutch voter reads about the turmoil it has thrown the UK in and popularity of the EU has risen as a result. The PVV have now pivoted from anti-EU back to anti-foreigner. Furthermore, the PVV has just published its one-page election manifesto that is so outlandish (read: deliberately written to not be able to ever join a coalition government) that it makes Jeremy Corbyn look dead-set as the new PM. Don't expect a Dutch political party to make the same mistake Cameron has made, especially not after Cameron has shown the rest of Europe the dangers of it.

        1. IsJustabloke
          Trollface

          Re: Just move your business before actual Brexit

          "Of course we have looked into this risk and the actual chances of the Netherlands leaving the EU are minute."

          I seem to recall an awful lot of people saying similar things about the referendum here too...

          just sayin' you know. ;)

          1. Tom Paine

            Re: Just move your business before actual Brexit

            "Of course we have looked into this risk and the actual chances of the Netherlands leaving the EU are minute."

            I seem to recall an awful lot of people saying similar things about the referendum here too...

            Do you? I don't -- no-one who ever looked at the polling over the last few years, anyway.

        2. imanidiot Silver badge

          Re: Just move your business before actual Brexit

          @Len,

          I think your research is a bit flawed to be honest. There are more parties and politicians that have voiced doubt about the current direction/organisation/politics of the EU.

          On top of that you seem to highly overestimate the intelligence of the average politician in the Netherlands. If they think they can get votes by being EU skeptic they will be EU skeptic. On top of that the current governing parties (PvdA and VVD) are polling at an all time low and total decimation at the next elections (next year). PVV is still polling at a major win. Whatever happens in the meantime, political upheaval and uncertainty is no doubt coming to the Netherlands come the elections next year. I doubt it's going to stay business as usual over here.

          I'll agree Geert Wilders is a bit of a loony and his "election 'manifesto'" is somewhat laughable, but we'll have to see if possibly VNL might be able to jump into the gap by being right wing but not batshit insane.

          In any case, there is a massive undercurrent of dissatisfaction with the current government and current EU and Netherlands policies. Who knows how that will eventually work out. I wouldn't exclude a Nexit. (Like I said, my thinking is this will only happen if the EU as a whole falls apart)

        3. imanidiot Silver badge

          Re: Just move your business before actual Brexit

          @Len, BTW, don't get me wrong, you are very welcome in our little country. We could do with the added work/economy/tax given how many companies have left or fallen over. I'm just a little puzzled why anybody would choose the Netherlands out of all the EU countries on offer given our current goverments hostility towards any bussiness smaller than a few million euros turnover (Current attitudes seem to be: "If you don't make enough to make a special deal with the Tax services, bend over and take it!"). I certainly wouldn't consider starting a company in the Netherlands. And I live here!

    2. tiggity Silver badge

      Re: Just move your business before actual Brexit

      And of course, coffee shops

    3. Blotto Silver badge

      Re: Just move your business before actual Brexit

      nothing like premature ejection to spoil the mood.

      the likely hood is that the UK will retain the same EU rules and regulations with the option to amend as and when is required using the normal predictable UK procedures and time lines.

      yes the top court for rulings will change to a UK based one but why is that such a bad thing?

      Also if you are trading in the UK what will be the impact to you of hosting UK data bound by UK rules in a foreign land?

    4. Tom Paine

      Re: Just move your business before actual Brexit

      interesting anecdotal data point. But if your employer wants to trade in the UK (which seems likely) they will still have to deal with the complications of trading across the new EU border between the UK and the EU27, won't they? And I'm pretty sure that a company which manufactures goods or provides services from sites located in the UK will still have to deal with whatever tariffs, taxes, regulations and whatnot are imposed, regardless of where the company's registered head office is. No? (IANAL, as must be glaringly obvious...)

      1. eionmac

        Re: Just move your business before actual Brexit

        Location of Head Office has NO IMPACT on any trading across actual borders. Subsidiary in say an EU country like Germany has two sets of rules a) An EXPORT outside EU, b) a DISPATCH to a country inside EU. At the moment all UK trade to EU and EU trade to UK is a Dispatch for customs & VAT purposes. After BREXIT all UK trade to EU and from EU is a normal EXPORT (it will cross the EU external boundary) [A dispatch crosses a National Boundary (say UK to Ireland, Netherlands to Germany ) but does not cross the EU Boundary. The Physical location of origin of goods is important the HQ and its registration is not.

    5. Smoking Gun

      Re: Just move your business before actual Brexit

      That's great excuse for sorting a few nights out in the red light district! I see what you did there... ooh Brexit uncertainly, lets move business to Amsterdam so I can see some titties..

  5. This post has been deleted by its author

    1. Blotto Silver badge

      Re: You think!?

      @fajensen

      you think Corbyn stands a better chance of progressing Brexit than Borris?

      there is an interesting thought!

  6. Anonymous Coward
    Anonymous Coward

    I sincerely hope...

    ...that the UK government elects to conform to EU GDPR after Brexit. Apart from the obvious point that if we don't no EU-based company is going to want its data stored or processed here (because to do so would be illegal unless some sort of Safe Harbour agreement is reached (more negotiations - whoopee!)) but because we've been trying to get senior management to pay attention to " knowing what data they hold, why they hold it, where it’s kept and how long it should be kept for" but the will hasn't been there. Now it's actually likely to result in an ICO fine (especially when that fine level goes up to up to 20% of turnover) they have started to pay atttention!

  7. Anonymous Coward
    Anonymous Coward

    Don't care

    Issues like this won't matter to most people that voted Brexit (ie the over 65 ex-mill or mine workers, at least here in the North West) because they don't have a computer. Or if they do don't know anything about how it works.

    'Why the fuck is {Strictly/Bake Off/Antiques Roadshow} not working on this blasted computer?'

    'Son, you got a minute?'

    1. just another employee

      Re: Don't care

      I do recall all those WITH a computer had to be given an extra bit of time to register because they couldn't be arsed to do so earlier....

      ..maybe you should consider that before being ageist.

  8. wolfetone Silver badge

    Can everyone just stop being dicks to each other? Can we have a referendum on whether everyone's on board with that?

    Thought not.

    1. smartypants

      RE: Can everyone just stop being dicks to each other

      Brexit makes us all look like dicks.

      If you consier that we're all human beings on this one planet, details of precisely who lives where shouldn't matter that much in the grand scheme of things, but unfortunately, it seems to matter enough to those who are moved by posters of "the hoardes" (of largely-brown people) on Nigel Farage's infamous poster to start behaving like dicks to anyone who seems to be from 'elsewhere'.

      ...not that this distaste for Johnny Foreginer makes us less likely to stop our government's casual and regular creation of countless refugees with our 'surgical' interventions in numerous countries over the last few decades.

      1. Version 1.0 Silver badge

        Re: Johnny Foreigner

        Having spent several years in the 70's working on building sites out of term time at Uni, I'm perpetually amused at the attitude to Johnny Foreigner these days - at that time most of the workers were Irish (claiming to be IRA) and told the best jokes.

        Of course, these days the Irish jokes are all too "racist" to laugh at or repeat in public.

  9. Anonymous Coward
    Anonymous Coward

    Didn't the data protection act predate the GDPR?

    There's no reason to assume we'll get rid of any laws to begin with. Any that get jettisoned will surely be made on a case by case basis.

    1. just another employee

      UK had a data protection act prior to the EU DPD. In fact - both those pieces of legislation are basically trying to implement a much earlier (1940/50's?) UN human rights clause.

      Leaving EU will not affect UK DP abilities or how good/bad we are perceived by non-EU. With or without GDPR.

      As for the EU - if they choose to cut of the outside world that is their choice.

      1. heyrick Silver badge

        "Leaving EU will not affect UK DP abilities or how good/bad we are perceived by non-EU. With or without GDPR."

        You think?

        Isn't the UK DPA plus the "Snooper's Charter" basically a "lite" version of what the US is doing that the EU is complaining about?

    2. IsJustabloke
      Trollface

      "There's no reason to assume we'll get rid of any laws to begin with. Any that get jettisoned will surely be made on a case by case basis."

      We'll have none of your sense in this thread!

      Now grab your pitchfork and fire up that cross! And no I don't give a toss which way you voted!

    3. Tom Paine

      Go back and re-read the article.

    4. Anonymous Coward
      Anonymous Coward

      EU Regulation and EU Directives - understand the difference

      I think there is an important point here, which impacts many areas of the law.

      If the EU sends a Regulation, then that EU law will automatically apply in each member state.

      The GDPR is EU Law.

      When we leave the EU, it simply no longer applies at a stroke.

      But if the EU sends a Directive to members, then each country will enact a law in it's own legal system. That's what happened with the DPA.

      So the DPA is a UK law.

      It will not change when we leave the EU.

  10. This post has been deleted by its author

  11. John Smith 19 Gold badge
    FAIL

    so from limited (DPA 1998) to excellent (GDPR compliance) to s**t (Art 50 trigger+2 Years)

    What an almighty clusterf**k

    Still the UK can still dump all it's data into the US without any problem. Yay.

    Not so sure how many other European countries (yes Britain is a part of the European land mass, whatever they think) will want to send any of their data to the UK if they can help it.

    One interesting side effect of Brexit will be to see just how "special" the special relationship with the US is once the UK is no longer it's back door stepping stone into Europe.

    1. Tom Paine

      Re: so from limited (DPA 1998) to excellent (GDPR compliance) to s**t (Art 50 trigger+2 Years)

      Still the UK can still dump all it's data into the US without any problem. Yay.

      in practice, yes, but in theory that's been illegal since the US' status as Safe Harbour was struck down.

      https://www.theguardian.com/technology/2015/oct/06/safe-harbour-european-court-declare-invalid-data-protection

  12. jason 7

    People need to wake up to the fact...

    ...that 'borders' as we know them no longer exist. It's one big world of data.

    1. just another employee

      Re: People need to wake up to the fact...

      School boy error 101

      Confusing Data with Information, knowledge and enlightenment.

      Most data (I don't know the exact percentage but its gotta be very high) is total garbage.

      GIGO.

      You just did GO based on GI.

    2. RegGuy1 Silver badge

      Re: People need to wake up to the fact...

      What bollocks.

      We are an island. We are great (we even have that in our name).

      We have just won control back. Did you not notice?

      Borders in data have gone! What a stupid statement.

      Now, what does this Windows key do again...?

      ... oh fuck!

  13. Domquark

    Compliance

    UK companies and organisations must comply with GDPR. Even if Article 50 was triggered tomorrow, the end point would be Sept 2018. GDPR compliance must be made [for all European nations] by May 2018, so there would still be a 4 month period where the UK would have to be compliant (until the 2 year period after triggering Article 50 is up, the UK would legally still be a part of the EU and subject to it's laws). As it stands, it's doubtful that the UK will initiate Article 50 until early 2017, meaning the UK would have to be compliant for at least 8 months.

    Additionally, it would be crazy not to be GDPR compliant after Brexit.

    Firstly, why waste all that hard work becoming compliant? After all, GDPR is going to generate many new jobs in the IT industry (for example the DPO role that many companies will need) and increasing security for people's data can only be a good thing.

    Secondly, I'm sure many UK companies would still continue to do business with European companies and individuals. Showing that the UK/UK Companies are GDPR compliant would also go a long way to help exit/future relationship negotiations with the EU.

    1. Doctor Syntax Silver badge

      Re: Compliance

      "Additionally, it would be crazy not to be GDPR compliant after Brexit."

      I agree with you but there are a lot of crazy people out there. And some of them will be looking at the issue and thinking "that's a lot of work" and then "if we don't do it there's only a few months when someone could catch us out and even if they catch us out they won't have time to do anything about it".

      There's the additional complication that whatever businesses do about compliance the effect of investigative powers legislation might be to undermine any chance to be seen as compliant from the EU perspective.

      1. Domquark

        Re: Compliance

        Agreed, there may be people out there willing to risk it, but the attitude of many Eurocrats is "We want to make it as hard as possible [on the UK], to set an example to dissuade any other [member] states from following the UK and leaving the EU". I am sure that any UK company found to be non-compliant would be have their cases rushed through the EU courts to ensure they are hung, drawn and quartered before the terminal point of Article 50, don't you think?

        "There's the additional complication that whatever businesses do about compliance the effect of investigative powers legislation might be to undermine any chance to be seen as compliant from the EU perspective."

        I'm sure that there are many people on here that feel that the Data Retention and Investigatory Powers Act goes too far. GDPR could be the saving grace, to temper what is basically a Bill which legalises state sponsored spying on it's people (usually under the scaremongering banner of terrorism). Furthermore, non-compliance [of GDPR], combined with Data Retention and Investigatory Powers Act, may make the UK a pariah state (in Europe's eyes), forcing many businesses to mainland Europe after Brexit, potentially causing considerable job losses.

        What we really need to know for definite (from the UK Government), is whether or not the UK will retain GDPR post-Brexit.

        1. Doctor Syntax Silver badge

          Re: Compliance

          " I am sure that any UK company found to be non-compliant would be have their cases rushed through the EU courts"

          "Rush" and "courts" in the same sentence. Does not compute.

          1. eionmac

            Re: Compliance

            No language allows 'rush' and 'courts' in the same sentence, However yes the UK can 'may appear to rush things', same procedure; cease to trade as a company , in UK 10 days , in Italy 7+ years in my personal experience. It was a cessation of an unincorporated joint venture where each party has to cease under its own laws.

        2. John Smith 19 Gold badge
          Unhappy

          "What we really need to know for definite""whether or not the UK will retain GDPR"

          Excellent question and a simple yes or no from the UK Government would let people start planning this with confidence.

          Let's see if HMG can manage such a statement in less than a few years.

    2. Tom Paine

      Re: Compliance

      UK companies and organisations must comply with GDPR

      And who's going to enforce that, pray tell? If you said "the ICO" -- I suggest you look into their powers and the size of their budget, and then contemplate the number of Data Controllers and Data Processors in the UK economy...

  14. Doctor Syntax Silver badge

    "Those firms that fail to meet GDPR standards may simply find they their ability to work with EU clients profoundly challenged."

    s/firms/countries/

    1. just another employee

      .. EU firms ..may simply find they their ability to work with non-EU clients profoundly challenged

      FTFY

  15. Sorry, handle already taken

    I think you will find there are 8 principles in the Data Protection Act 1998, not 7 !!!!!

  16. Anonymous Coward
    Thumb Up

    All it is..

    Is another lay of bureaucracy nothing more.

    As someone all pointed out the world is one big data point.

    If a country, business or individual wants a certain level of data protection then simply get your data centre to sign a contract to that level of security, if they break the contract, move your data and sue them.

    If your worried about government snooping, then another lay of bureaucrats isnt going to fix anything.

    Governments need to provide reasonable cause before getting a court order and grabbing the data under current laws which they generally if not ignore are simply rubber stamp over.

    And when it comes to the UK & US, they have listening stations all over the planet and they grab your data out of the air.. so yeah a lay of bureaucracy really going to help there...

    1. Domquark

      Re: All it is..

      Where do I start?

      To answer your points:

      If a country, business or individual wants a certain level of data protection then simply get your data centre to sign a contract to that level of security, if they break the contract, move your data and sue them.

      This is addressed [very] comprehensively in GDPR. It goes further, to include (read: require) risk assessments, conducted by both the data owner and the data centre.

      If your worried about government snooping, then another lay of bureaucrats isnt going to fix anything.

      It will if GDPR trumps the Data Retention and Investigatory Powers Act. GDPR not only ensures that any company that has your details are responsible for your details, but those details are private and should not be shared with anyone without your express permission.

      Governments need to provide reasonable cause before getting a court order and grabbing the data under current laws which they generally if not ignore are simply rubber stamp over.

      This is a major argument against the Data Retention and Investigatory Powers Act, as it does not require ANY judicial oversight to government "data grabbing". So no court order (or reasonable cause) needed.

      And when it comes to the UK & US, they have listening stations all over the planet and they grab your data out of the air.. so yeah a lay of bureaucracy really going to help there...

      That may be, but the evidence gathered is not (generally) admissible as evidence in a UK/US court of law. Nor would any government admit to "grabbing your data out of the air" from a listening post in a public court of law.

    2. eionmac

      Re: All it is..

      "out of the air" and from under the sea.

  17. open_paul

    GDPR will apply if you have EU customers

    The article is good but a little misleading. No matter when (if?) Brexit happens, any UK company that holds data on an EU citizen anywhere will have to comply with GDPR.

    For example, if you are an Exporter of widgets and have customers in France or Germany, you will need to ensure that your processes around personal data (whether you're B2B or B2C) abide by GDPR. In this case, if you had a breach, both the French and German regulator could come after you.

    This needs to be made super clear to people - Brexit is not an excuse to ignore GDPR.

    1. Doctor Syntax Silver badge

      Re: GDPR will apply if you have EU customers

      "The article is good but a little misleading. No matter when (if?) Brexit happens, any UK company that holds data on an EU citizen anywhere will have to comply with GDPR."

      Hmmm. Not quite. If the company already holds that data that alone won't make them have to comply because post-Brexit they'll be outside the jurisdiction of the EU. There may be contractual issues with an EU customer if they have one but in that case it would be the customer at risk of non-compliance.

      OTOH any UK company that wants to acquire such data from an EU customer will have to comply.

  18. Tom Paine

    On topic: Data protection

    (Disclosure: I have, in my time, been the ICO-registered Information Security Officer responsible for my then employer's data protection processes.)

    In the real world, many or most SMEs and probably quite a few larger enterprises are just going to ignore any new data protection requirements on the basis that they'll be going away shortly after coming into effect. For almost all of those organisations, that gamble will pay off. The only organisations that will suffer will be the ones that get compromised and lose a lot of customer PII, or leave unencrypted laptops in taxis, etc, *and* that the poor bastard doing my old job decides his/her personal legal liability for not notifying the ICO of the breach outweighs the enormous pressure the business will put on them to keep schtumm and hope it all goes away again. Although the ICO has an impressive list of past fines on their website*, for almost everyone else there's nothing to see here.

    (I must emphasise that I don't think that's a GOOD thing -- just realistic.)

  19. Anonymous Coward
    Anonymous Coward

    GDRP despite Brexit

    GDPR applies to any company that processes data belonging to residents of the EU, it doesn't matter whether the company is part of the EU or not: American companies will have to comply too.

    1. Doctor Syntax Silver badge

      Re: GDRP despite Brexit

      Oh yes? Who's going to make them? It'll be the EU courts that enforce it and they can only do so on entities within their jurisdiction.

      If the non-EU company is going to process such data for an EU customer then it will be incumbent on that customer to require compliance as part of the contract. If the company fails to comply it will be a breach of contract and a civil matter for the customer to take up in whatever court has jurisdiction over the contract.

      It's not the same thing.

      1. Seajay#

        Re: GDRP despite Brexit

        and they can only do so on entities within their jurisdiction

        True but any company big enough to worry about has a subsidiary / tax dodge in the EU.

        EU shock troops aren't going to be landing at mountain view but they don't need to, they can just fine the hell out of Google Ireland.

  20. Anonymous Coward
    Anonymous Coward

    6th May 2018 - Article 50 deadline

    The UK Government has to postpone invoking article 50 until after then to ensure the election overtakes it.

    The EU has to force it before then to allow the UK pension spongers to be deported and the walls of Festung Europa to be built to appropriate heights.

    Paris wonders "why?"

    1. Chris G

      Re: 6th May 2018 - Article 50 deadline

      Curious to know what you think a 'pension sponger' is?

    2. Anonymous Coward
      Anonymous Coward

      Re: 6th May 2018 - Article 50 deadline

      How could the EU possibly "force" the UK to trigger it? It is entirely up to the UK to determine the timing - or to do it at all.

      Personally I think the UK government will be unable to reach agreement to do it, because as far as I know it is still unclear who or how it is trigger in a way that is official to the EU, and there seems to be a lot of Brexit-regret.

  21. Yes Me Silver badge

    Looming?

    "Article 50, the process for Britain’s formal withdrawal from the European Union, is looming..."

    I'm confused why everybody assumes that Dictatrix May will actually perform the ultimate stupidity of invoking Article 50 without a Parliamentary vote. I know she's said that she will, but by the end of the year all pretence that any of the Leave fantasies can be made real will certainly have vanished, and I expect Minister-for-National-Suicide Davis to be looking very sheepish. The risk of losing a vote of confidence will be very high if she dares to bypass the Commons on such a matter.

    All the same, it does seem wise to make a plan for moving data centres to another part of the EU.

    1. Seajay#

      Re: Looming?

      It's a tricky situation.

      You're right that the risk of losing a vote of confidence exists if she dares bypass the Commons but what about the risk of losing an election if the Commons dares bypass the popular vote?

      I think it would be foolish to be confident about either outcome.

  22. Old Tom
    Boffin

    Two years is the maximum

    Will everyone stop saying that we leave two years after Article 50 is triggered? Two years is just the timeout period if agreement hasn't been reached (unless an extension is agreed).

    3. The Treaties shall cease to apply to the State in question from the date of entry into force of the withdrawal agreement or, failing that, two years after the notification referred to in paragraph 2, unless the European Council, in agreement with the Member State concerned, unanimously decides to extend this period.

    1. allthecoolshortnamesweretaken

      Re: Two years is the maximum

      Yes it is. But given what has to be negotiated and how, and given that triggering the timeout will pretty much leave the UK in an unfavourable position, they'll be needing those two years.

  23. Champ

    Maybe Brexit won't happen

    I'm becoming more hopeful that Brexit won't happen.

    Mayes won't trigger it without a commons vote - she'll have received advice that there is a real legal question that Crown Perogative would not extend to triggering Article 50. She'll then look at the commons, and see that there'd be a real chance of losing such a vote. So then it'll come down to the next election, and who knows what would happen then

  24. MattP1821

    .Brexit

    First point, what on earth are the dodgy Civil War comments doing against this Brexit article - not the place i don't think!!!

    Secondly are these comments accurate or are they matter of opinion in terms of when the UK leave the EU then the GDPR wont have to apply unless we decide to uphold it within our own laws and have our own Privacy Shield type agreement?

    From what I have read elsewhere the GDPR will apply to all countries worldwide where those companies store and/or process EU citizen data. So for those companies that do their seems to be no choice, no need for Safe Harbour style agreements unless you are a UK organisation being passed EU data. If as my company does, you collect EU data directly from EU consumers then there is no choice we have to abide by GDPR just as the US , Canada, China etc... have to.

    I am missing the point as to why any none EU country needs a Privacy Shield type agreement in place if EU member states will insist on the GDPR being applied by companies worldwide who process and store EU data - surely this should be the agreement. If EU companies want to use UK,US or other non EU countries for processing or storing data then they simply insist on the GDPR being applied there.

  25. mhenriday
    Unhappy

    «Accomodating» is the word

    «“My opinion is that UK businesses will continue to enjoy a good latitude and freedom to transfer data to the US after Brexit,” [lawyer Ashley] Winton said, arguing that the UK ICO has always been accommodating when it comes to data transfer issues.»

    Quelle surprise !...

    Henri

    1. subject

      Re: «Accomodating» is the word

      @mhenriday: don't worry, I think Mr Winton is utterly wrong on both the ICO's accommodation and the ICO's relevancewhen push comes to shove (he ain't ever seen automated litigation). Of course I'm a lawyer too, so neither of us have a clue ;)

  26. Seajay#

    Tearing ourselves away from endless Brexit analysis for a moment

    I thought this line in the article was interesting.

    Individuals have a right not to have decisions made about them without human intervention, such as credit approvals and e-recruiting

    Wowsers, algorithms making decisions are now illegal? Have they just banned everything from automated comment moderation to internet dating to car insurance?

    I'm guessing that is not what was intended but that's the trouble with broadly worded regulation. You don't have to ban things to discourage them just put enough doubt out there that someone considering a startup decides they don't want to bet the farm on an interpretation of the rules.

    1. subject

      Re: Tearing ourselves away from endless Brexit analysis for a moment

      @Seajay: don't get too excited! The new anti-profiling rules are just a recycled version of the old Directive rules (cf section 12 Data Protection Act 1998). Just like the so-called "right to be forgotten" is just the recycled right to erasure (cf section 10 DPA). Plus ca change on the rules.

      Remember: nothing has been suddenly made illegal - in fact all data processing has been illegal by default (ie unless you can justify it) since 1995. Indeed that's the British way, not just the EU way (just look at Copyright Designs and Patents Act 1988), as my US intellectual property lecturer sardonically put it years ago. On top of that, look at British Gas' excuse "it was our computer wot done it not us guv!" in Ferguson v British Gas, one of the funniest Court of Appeal judgments I saw last decade.

      On your specific query, it's quite simple. Part of what you have to do to legitimize use of profiling algorithms is to disclose to your customers the substance of what the algorithms do (see for example Article 13). As someone working on profiling algorithms for "big data" decades before it was called that, I heartily endorse this approach.

      The real differences are: now they'll be enforced. And everyone and his dog can enforce them. And now the fines are existential. At last people will be dragged kicking and screaming into the late 20th century...

      And don't worry about startups. The GDPR will supercharge the internet of things by (inadvertently) destroying all the barriers to competition in that field. I leave it as an exercise for you to work out how... :).

  27. subject

    Well done Mr Bradbury: by far the most insightful article on Brexit and the GDPR I've seen in a trade journal. There are some extra reasons nobody in the UK is likely to touch the GDPR for a while (associated with means, motive and - as a Home Office project - opportunity), but that's just icing on the cake.

    That said, the GDPR is already embedded into UK law and it provides many commercial opportunities as well as threats. The mere fact it doesn't come into force in May 2018 doesn't mean parts of it (notably some of the Recitals) can't be exploited right now by companies - whether defending themselves against e-discovery in foreign law cases brought in civil and criminal jurisdictions (in my experience the "usual suspect" governments and competitors are found in the USA and Australia), or seeking to damage bigger competitors (as Google recently discovered), or taking advantage of the way the GDPR will eliminate many barriers to IoT startups.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like