In 2016, the United Kingdom (UK) voted to depart from the European Union (EU), commonly referred to as “Brexit.” This decision had several implications for cybersecurity laws, considering existing EU laws would no longer apply to the UK after Brexit.
In summary, the DPA 2018 fulfills three primary purposes for the UK: Allows the UK to adopt the EU GDPR into their national legislating process formally It gives the UK authority to amend and exempt parts of the EU GDPR that may or may not apply to the UK Extends UK data protection regulation to new areas not initially included in the EU GDPR
This section contains more definitions and regulations about data protection for data processing under the EU GDPR and data processing that the EU GDPR does not cover.
The UK General Data Protection Regulation (UK GDPR)