The General Data Protection Regulations (GDPR) will apply in the UK from 25th May 2018.
The government has confirmed that the UK’s decision to leave the EU will not affect their commencement.
They apply to ‘controllers’ and ‘processors’. The controller says how and why personal data is processed and the processor acts on the controller’s behalf. If you are currently subject to the Data Protection Act, it is likely that you will also be subject to the GDPR.
If you are a processor, the GDPR places specific legal obligations on you; for example, you are required to maintain records of personal data and processing activities. You will have significantly more legal liability if you are responsible for a breach. These obligations for processors are a new requirement under the GDPR.
However, if you are a controller, you are not relieved of your obligations where a processor is involved – the GDPR places further obligations on you to ensure your contracts with processors comply with the GDPR.
Much of the UK’s current legislation is derived from the European Union. When the UK leaves the EU there needs to be a level of continuity. To provide this the Government intends to introduce the Great Repeal Bill which will do three things:
Repeal the European Communities Act 1972. This legislation provides legal authority for EU law to have effect as national law in the UK. This will no longer be the case after Brexit.
Bring all EU laws onto the UK statute books. This means that laws and regulations made over the past 40 years while the UK was a member of the EU will continue to apply after the Prime Minister triggered Article 50 on 29 March.
Create powers to make secondary legislation. Technical problems will arise as EU laws are put on the statute book. For instance, many EU laws mention EU institutions in which the UK will no longer participate after Brexit, or mention “EU law” itself, which will not be part of the UK legal system after Brexit. There will not be time for Parliament to scrutinise every change, so the bill will give ministers some powers to make these changes by secondary legislation, which is subject to less scrutiny by MPs.
The Data Protection Act 1998 requires everyone (e.g. organisations, sole traders, etc) that process personal information (data controllers) to register with the Information Commissioner’s Office (ICO), unless they are exempt.
On the Information Commissioner’s website is a registration self assessment which takes about 5 minutes to complete. By going through the questions you will be able to decide if you – as an individual or on behalf of your business or organisation – need to register with the ICO.
This is an interesting question which the group I was in debated at the F2 Business Huddle on Friday 10th February 2017.
Funnily enough on 13th February the BBC reported that customers of a large retail brand are being overcharged by out of date offers read more…
Without going into too much detail of contract law, the price marked on goods is called an invitation to treat. The customer offersan amount of money which may be acceptedby the retailer (or it may not). Of course, if the customer’s offer is the same as the amount marked on the goods the retailer is more likely to accept it, but the important point is that they don’t have to.
That is why a retailer is perfectly correct to refuse to sell a 50″ Flat Screen TV which has been mis-priced at £49.99 when it should be £349.99. What they should do is withdraw it from sale rather than just charging the higher price. Because if the retailer charges more than the price marked on the goods then they may breach The Consumer Protection from Unfair Trading Regulations 2008. This is also the case when the till is programmed with a higher price to that marked on the goods.
Do remember that, although not often used in retail shops in the UK, haggling is perfectly feasible.
The Financial Conduct Authority (FCA) is the conduct regulator for 56,000 financial services firms and financial markets in the UK and the prudential regulator for over 24,000 of those firms. This includes authorising Consumer Credit (including hire) Business.
The public register of authorised businesses can be found here.
Carrying out unauthorised credit business is an offence punishable by up to two years imprisonment or a fine or both. It can also mean that any agreements made are unenforceable and can be taken into consideration if an application for authorisation is made.
An individual carrying out a consumer credit business, appeared at Westminster Magistrates Court on 17th January 2017 charged with offences under the Consumer Credit Act 1974 and the Financial Services and Markets Act 2000. The case was sent to Southwark Crown Court for trial, and a Plea and Trial Preparation Hearing is provisionally listed to be heard on 14 February 2017.
It was alleged that the individual operated as an unlicensed consumer credit lender and conducted regulated activity without authorisation by entering into and administering regulated credit agreements as a lender. This type of financial service was licensed by the Office of Fair Trading (OFT) until 1 April 2014, when it became regulated by the Financial Conduct Authority (FCA).
This is the first time that the FCA has taken criminal action in a case related to its consumer credit powers.