Brexit Won’t Change Treatment of Data

The Brexit caught many people unaware and forced them to think through some digital media issues in rather a hurry. The UK has just released new privacy and security guidelines– based on the UK’s understanding of the General Data Protection Regulation (GDPR)– that will take effect in 2018, the year the Brexit is actually supposed to occur. The UK and EU have already diverged from the US by requiring all sites that use cookies to announce the policy on first visit.

British data security experts have told us privately that most visitors just click right through and accept the use of cookies, however. The practice of announcing that a site uses cookies is becoming more widespread in the US as well, and does not seem to be the reason the US is seeing the spread of ad blocking.

So cookies are not the major issue: then what are the important components? For the US, the most important issue seems to be on the security side, as US and state regulators try to prevent hacking and release of potentially personal information.  One of the problems with the US is that security is handled by the states. And the US first amendment freedoms create issues with the EU’s laws.

The EU comes at privacy and security by emphasizing the privacy side — the right of individuals to control their own data, and a prohibition against collecting data without a “legitimate purpose.” It also provides no threshold for the right to be forgotten, which is in direct conflict with the freedom of speech guarantees in the US.

If you then throw in the Brexit, the UK, which is the center of digital publishing and advertising in the EU, would have much to do complying on the one hand with US regulations and on the other with EU laws, especially when dealing with so many other potentially difficult issues.

Thus, the UK is expected to ignore the Brexit for purposes of data privacy and security, and throw its lot in permanently with the EU. It makes little sense to do otherwise, as for the next two years the UK will have to go along with everything the EU is doing to get ready for the new regulation anyway.

Moreover, companies that offer cloud-based services, no matter where they are based, will have to comply with the most stringent regulations or face fines.

What do these new regulations mean for publishers and marketers? Well, for starters the new regulations are predicted to create 28,000 new Chief Privacy Officer jobs over the next two years. Both publishers and marketers will have this window of opportunity to figure out how to serve their own ends and still operate within the EU’s GDPR.