The world's leading privacy pros talk GDPR with El Reg You know, we know, everyone knows… the EU's General Data Protection Regulation goes into effect May of next year for every member of the European Union, and that will include the United Kingdom. Of course, the UK will eventually leave the EU and what happens then will be a very interesting question according to Trevor Hughes, …
"the market will have already had to adapt to GDPR and will have made investments in doing so"
More likely large swathes of the market will be hoping it just goes away with Brexit.
"once Blighty departs from the EU's jurisdiction, we will need a piece of legislation that mirrors GDPR carefully"
I thought the theory was that all those EU regulations that automatically became part of UK law would remain so on Brexit unless specifically repealed. If so the default solution here is to do nothing in which case UK law not only mirrors GDPR, it will continue to be GDPR.
The UK will have a law that pushes all EU laws into UK law. But experts, or something, lol. Yeah you're completely right such a law won't need to exist because it explicitly already will. I suspect parliament might chose to remove a lot of the GDPR stuff because it's mostly garbage written by the same idiots who with stunning naivety brought you such hits as 'Safe Harbour' and their follow-up smash hit 'Privacy Shield' - no saying how many years that will take though.
There's no reason the UK needs this to exist in own laws, if companies want to deal with private data of EU citizens post leave they can chose to follow these rules for their data. Or chose not to deal with the private data of EU citizens (why would you want to anyway?).
GDPR stuff [is] mostly garbage written by the same idiots who with stunning naivety brought you such hits as 'Safe Harbour' and their follow-up smash hit 'Privacy Shield'
I think it's largely written by the group who were severely critical of that garbage. In fact, ISTM that it's the response to those that's finally worked its way through the legislative process.
It's a commission regulation. It's arguably worse in many respects, when the European Parliament tried to get the fines (modestly) increased the commission did the normal EU thing and took them out to the woodshed and bashed them with a 2x4 until they complied - and it's still enforced by the Art 29 clowns under a new name. Same shit, different day. Also it's going to be all on Ireland once again and they're - again - mysteriously (nothing to do with tax collected, obviously) not going to have the resources to deal with the issues that arise. It exists purely to annoy US companies and promote the *appearance* the commission recognises the existence of the Charter rather than actually give EU citizens any protections.
The day the UK manages to leverage itself out this shitshow...
Even before 9/11 there were lot's of incentives (economic or otherwise) to spy on others and gather as much data as possible for purposes of law-inforcement.
These days thanks to the internet it's just a lot easier to gather information since everyone and everyting is connected...
I think data-monetization is just the next logical evolutionary step...
No, privacy isn't dead yet, but to understand that you have to observe a curious hole in the IAPP's coverage - a hole that has existed for as long as it has been certifying people.
Once you have found that, you may understand that all that shows at IAPP may not be the actual game.
... than NSA & C. Because they are more greed, and willingly to monetize data quickly. That's not to diminish the danger TLAs poses, but let's not look at it only, while commercial companies gather and use private data at will - and often against a large number of usersproducts, if that means large revenues for the few real users of this system.
Anon, for obvious reasons <G>.
once Blighty departs from the EU's jurisdiction, we will need “a piece of legislation that mirrors GDPR carefully, so as to leverage the fact that GDPR was already put in place...”
No we won't.
That's exactly the intention of the misleadingly-named "Great Repeal Bill", which will transpose EU law into domestic law on exit day. In other words, GDPR (and all other EU law) will stand until the UK Parliament decides it needs to be changed.
This very question became a matter of vital and very real concern for me today. I'm long-term unemployed and finding it very difficult to re-enter the workplace because of a gap in my employment history brought about through a nervous breakdown and my previous employer not wanting to give me a reference. As you may know, parts of the social welfare (notably, what is called "activation" for long-term unemployed) have become privatised in recent years both in the UK and in Ireland.
I received a letter last week "inviting" me to sign up with a company called "Turas Nua", with the threat that if I did not, my jobseeker's allowance would be cut. I attended the meeting today and discovered three very disturbing points:
At the end of the session, after I had pointed out these things, I was asked to sign a declaration and consent form. It asks me after the fact whether my details can be processed by them. These are three massive breaches of the privacy of people being sent on these schemes. If I sign, I am effectively surrendering my rights to privacy and probably subjecting myself to a year of hell, while if I refuse, I will either lose benefits or find myself in a different kind of hell: that of fighting against the civil service to assert my right to privacy, a right that they don't seem to hold in very high regard.
Before anyone complains and calls me a malingerer or whatever, I do want to get back into the workplace and I am doing what I can to make it happen. Short of lying about the period I've been unemployed or being shoved into a miserable job that I'm not suited to (both of which I've been advised to do in the past, and will no doubt be "advised" to me again by Turas Nua), I despair of being able to get back to meaningful employment.
To bring it back to the topic of "Standard Contract Clauses" (the current fig-leaf used to justify data sharing with the US), I have two things to say:
Corporate privatisation of our personal data is shaping up to be the next thing that's "too big to fail". We need many more people like Schrems if there's to be any chance of stopping this.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
