Hacker News new | ask | show | jobs
by josephg 1957 days ago
Is the GDPR still in effect in the UK, now you've left the EU?
3 comments
kachnuv_ocasek 1957 days ago
Yes. It’s not like all the EU laws the UK had adopted before Brexit suddenly went out the window overnight.
link
datenhorst 1957 days ago
Not necessarily true, since regulations are EU law that is immediately enforceable in member states, and are not generally transposed into state law.
link
mamon 1957 days ago
I guess it depends on the country. In Poland my experience is that every time EU passes some regulation Polish parliament passes the corresponding bill implementing it. So even if we left EU tomorrow those bills will still be in effect.

Also, I'm not sure about this "immediately enforceable" part - I recall some cases where member states delayed implementing EU laws for years, sometimes ending up being sued to European Court of Justice.

link
codethief 1957 days ago
> I guess it depends on the country.

AFAIK it works pretty much the same in all countries and only depends on whether it's an EU regulation[0] or an EU directive[1].

[0]: https://en.wikipedia.org/wiki/Regulation_(European_Union)

[1]: https://en.wikipedia.org/wiki/Directive_(European_Union)

link
diroussel 1957 days ago
EU Regulations and Decisions directly affect member states. Whereas EU Directives require member states to enact new laws.

As the GDPR is a regulation, it directly applied to member states.

When the UK left the EU they made a paralled law

> The GDPR has been incorporated into UK data protection law as the UK GDPR see: https://ico.org.uk/for-organisations/dp-at-the-end-of-the-tr...

link
prima-facie 1956 days ago
Yes, the UK has the DPA-2018 legislation which basically implements GDPR in the UK. [1] Its application is supervised by the ICO. Subject Access Request can be issued to pretty much any public institution / company [2]

"You have the right to find out if an organisation is using or storing your personal data. This is called the right of access. You exercise this right by asking for a copy of the data, which is commonly known as making a 'subject access request"

[1] https://en.wikipedia.org/wiki/Data_Protection_Act_2018

[2] https://ico.org.uk/your-data-matters/your-right-to-get-copie...

link
datenhorst 1957 days ago
GDPR directly doesn't apply to the UK anymore (except for organisations that handle data of EU citizen, of course) but the UK chose to enact the GDPR into UK law via the Data Protection Law of 2018, which is aptly dubbed "UK GDPR".
link