Connect with us

Hi, what are you looking for?


My data protection predictions for 2021 


In my last column, I looked back at 2020 from an information law perspective. It’s safe to say that no-one would have predicted a year like 2020. And so it’s with some trepidation that I look forward to what we might expect in the year to come.

Inevitably, some of the trends that we saw in 2020 will continue. Despite positive news about the development of several vaccines, COVID will be with us for the foreseeable future. And as vaccines are rolled out, and testing improves, we may see novel information challenges. Will businesses start asking customers to provide proof of vaccination as a condition of service? Will the Government choose to issue the lucky ones with vaccination certificates? These scenarios will continue to test our data laws in 2021.

But if 2020 was all about COVID, we can’t look ahead to 2021 without talking about Brexit. For the second time in a little under three years, the UK’s data protection laws are being re-written. From 1 January 2021, the UK will no longer be required to follow EU law. The GDPR, as a European regulation, will no longer automatically apply in the UK. Instead, we’ll all need to get used to talking about its successor, the UK GDPR. This will be especially challenging for UK-based businesses which offer goods or services directly to consumers in the EU, as they will need to continue complying with the EU GDPR for their EU-based customers while adapting to the new UK GDPR for UK customers.

The good news is that the UK GDPR looks a lot like the EU GDPR. In fact, it’s largely a cut-and-paste job, with minor changes to replace references to the EU with the UK and to remove the requirements around international co-operation and the ICO’s international role. The one exception to this is around international data transfers. In my last column, I mentioned the judgment in the Schrems II case, published last July, which led to the demise of the EU-US Privacy Shield. Unfortunately, things are going to get a lot more complicated in 2021. UK-based businesses that have customers in the EU, or which use service providers based within the EU, will need to get to grips with the new rules on international transfers. As the UK will no longer be part of the EU, data transfers from the UK to the EU, and from the EU to the UK will be subject to new restrictions, the former contained within the UK GDPR and the latter in the EU’s GDPR. And this could be subject to last-minute changes should there be a trade deal between the UK and the EU.

Looking a little further ahead, the two sets of laws will inevitably drift apart. We had a small taste of how that might work in December when the UK Government announced its Online Harms Bill and then a day later the European Commission announced plans for a Digital Services Act. These two very different legislative plans share a similar objective of regulating the US big tech giants. Expect to see more of this type of duplication.

In addition, we have a Brexit government. One of the stated purposes of Brexit, if you can remember back to 2016, was to take back control of our laws. And many of our information laws are heavily influenced by European law – not only data protection but also the Environmental Information Regulations and the Re-use of Public Sector Information Regulations. So what might the UK Government do when it is no longer constrained by EU law? We don’t know but don’t expect to see a significant shakeup, at least in the short term. I don’t sense any big appetite for change, and there will be a lot of competing priorities in 2021.

Nevertheless, as a data protection lawyer, I would be the first to welcome improvements to our data protection laws. As they stand, they are overly complex, difficult to interpret and largely impenetrable for the majority of people. Businesses struggle to apply them to everyday situations and are often at the mercy of bad advice, which does nothing to improve compliance but can cost a fortune. There’s a lot of room for improvement, without necessarily reducing the rights for individuals or security of data. But perhaps that’s a topic for another column.

Lastly, we will see a change of Information Commissioner in 2021. Elizabeth Denham’s five-year term in the post comes to an end in July 2021. The ICO is now a big and powerful regulator, but it remains on one level the personal office of the post-holder, with the ICO’s priorities and approaches a reflection of the incumbent Commissioner. While we don’t know precisely in which direction the new Commissioner may choose to take his or her office, we can expect a change of emphasis as the new appointee seeks to make their personal mark in 2021.

Of course, if it’s anything like 2020, you should expect the unexpected in 2021!

Read more:
My data protection predictions for 2021 

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the daily email that makes reading the news actually enjoyable. Stay informed and entertained, for free.
Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!



Finding a property to settle in after years of being in the pandemic may leave home seekers and smart investors wary of whether their...


  Spotlight is BusinessWorld’s sponsored section that allows advertisers to amplify their brand and connect with BusinessWorld’s audience by enabling them to publish their...


As part of its development agenda for Pakil in Laguna, Ahunan Power Inc. (Ahunan) launched a corporate social responsibility (CSR) program dubbed “Tayo Na...


By Kyle Aristophere T. Atienza and Revin Mikhael D. Ochave, Reporters AN INVESTIGATION is underway over the “illegal” sugar importation order that was aimed...


By Diego Gabriel C. Robles THE PHILIPPINES now aims to become a high-income economy by 2045 at the latest, Socioeconomic Planning Secretary Arsenio M....


THE SY SIBLINGS remained the richest in the Philippines, despite a $4-billion drop in their net worth in 2022, according to Forbes Asia. The...

You May Also Like


Having a good Instagram marketing agency to back up your Instagram account is an absolute must going into the new year. With competition stronger...


Ivermectin, an existing drug against parasites including head lice, has had a checkered history when it comes to treating COVID-19. The bulk of studies...


Insomnia is the most common sleep disorder in the global population. Therefore, it is a problem that many people suffer or have suffered throughout...


Instagram still holds the top spot for social media in terms of building brand reputation and expanding business potential. Every day, more and more...

Disclaimer:, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2021 SmartRetirementReport. All Rights Reserved.