In Germany, the first panic regarding the EU General Data Protection Regulation (GDPR) has subsided. But what is the situation in the United Kingdom? Is the Brexit a kind of “GDPRexit”? Are British companies and agencies still interested in EU legislations at all? Sympra asked Aimee Postle from Prova PR, our partner agency in Warwick.
What are the most important changes with the GDPR compared to the previous data protection laws? In general and specific for agencies like Prova?
Aimee: GDPR places a lot more emphasis on the record-keeping around consent when it comes to retaining and using personally identifiable data. While organisations needed to ensure consent under the previous regulations, GDPR offers a more structured framework to comply with.
What do British agencies and companies in general think about the GDPR? Do they care about the European law?
Aimee: There was a lot of media coverage around GDPR and many of our clients had questions about how they would be affected. The PR and marketing world understands why the regulation is in place but there was initial misunderstanding in the sector around the impact that it would have on managing communications channels responsibly.
In Germany there was some panic at first, because many were afraid that they would no longer be allowed to do anything with personal data. Has there been anything similar in the UK?
Aimee: There was initial GDPR panic, with many organisations wondering how to ensure compliance. As GDPR is a bit of a ‘grey’ regulation i.e. it is about intent and not just action, there were concerns about how companies could prove they were compliant. High profile stories included the pub chain Wetherspoons deleting it’s entire email database rather than trying to unpick and prove compliance.
What role does Brexit play for the future validity and in discussing and handling the GDPR in UK?
Aimee: It is likely that the USA will implement a similar policy to the EU GDPR regulations and so, essentially, anyone wishing to trade outside of the UK will need to comply, regardless of Brexit. The regulations will apply to personally identifiable information of anyone in the EU and, potentially, the USA – a large number of global citizens.
Thank you, Aimee!