Brexit won't banish EU data rule, techies told

The UK choosing to no longer be part of the European Union does not mean its techies will no longer be affected by an incoming EU data protection rule, a software security firm says.

In fact, UK companies with clients in the EU must ensure they comply with 2019’s General Data Protection Regulation if they want to keep trading with them, warns Ground Labs.

The firm issued the alert in light of a number of UK outfits making “entirely unfounded” claims that GDPR’s requirements will be overridden in light of the UK’s Brexit decision.

“One common misconception is that the GDPR applies to companies within Europe, but it’s actually designed to protect European consumers,” said Ground Labs’ John Cassidy.

“This means that if you are handling even one European customer’s personal information, you are tasked to handle his information in line with the GDPR, or face the consequences.”

The firm also spoke about a “potential grey area” of the applicability of GDPR for UK businesses dealing with EU citizens based within the UK.

It comes as the Information Commissioner has indicated that once the UK completes its divorce from the EU, new regulations - similar in scope to GDPR - would need introducing.

“GDPR is not going away,” said Mr Cassidy. “Brexit is certainly not a green card for those wishing to avoid the reputational damage, financial losses and considerable fines associated with a security breach.

“These data regulations should not be seen as extra homework to be dodged, they are designed to prevent devastating data breaches that can cost millions and could lose you customers.”