HOW WILL GDPR AFFECT EMBASSIES AND CONSULATES







With the GDPR coming into force in the UK on 25 May 2018 it is worth highlighting that the regulations have a broad territorial scope. For embassies and consulates in particular, non-compliance with GDPR could have serious repercussions not just for the organisation itself but also for the citizens and commercial enterprises that rely on embassy or consular services.
WHERE DOES GDPR APPLY? EU EMBASSIES WITHIN THE EU AND ABROAD
Article 3 of the GDPR deals with territorial scope. Where will the new rules apply? For a start the GDPR broadens the international reach of EU data protection rules. They will apply to:
·      The processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not.
·      The processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to (1) the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union or (2) the monitoring of their behaviour as far as their behaviour takes place within the Union
·      The processing of personal data by a controller not established in the Union, but in a place where Member State law applies by virtue of public international law.





Of particular note for embassies and consular offices the GDPR also states that:
“Where Member State law applies by virtue of public international law, this Regulation should also apply to a controller not established in the Union, such as in a Member State’s diplomatic mission or consular post.”
This means that even UK embassies or consular posts situated outside the EU will be caught by the new GDPR regime.
WHAT ABOUT NON EU EMBASSIES LOCATED WITHIN THE EU
Currently foreign embassies located in the UK are not subject to the full rigour of UK data protection law. This reflects their special status under international law. We cannot see any wording in Article 3 of GDPR that would change this.
HOW WE CAN HELP
Big Data Law is a London-based niche data protection law firm. We offer a range of GDPR compliance services to national and international bodies. For an initial conversation on your GDPR requirements call one of our specialist solicitors on 0203 670 5540.
 For an initial conversation on your GDPR requirements contact dataprotection Attorney London.


Location: 4 Bloomsbury Square, London WC1A 2RP, UK

Comments

Post a Comment

Popular posts from this blog

GDPR – IT’S NOT ALL ABOUT CONSENT

Image
The General Data Protection Regulation comes into force tomorrow. Despite what you may have heard, GDPR is not only about getting consent to process the personal information of those people your company interacts with. In the last few days, as the implementation date approaches, you may have been forgiven for believing this to be the case. A degree of panic among businesses appears to have set in regarding the consent issue. Stories of unnecessary GDPR consent emails clogging up inboxes have been widely reported. And the Information Commissioner’s website that contains detailed  GDPR compliance guidance  has crashed . Whether this is due to the sheer volume of traffic following relentless media pressure is unclear. At Big Data Law we have been advising on and  writing about GDPR implementation  for some time. Granted, it represents a big change for businesses that handle personal data with heavy fines a possibility. But it’s important not to overreac...
Read more

FACEBOOK, CAMBRIDGE ANALYTICA AND THE IMPACT ON GDPR ENFORCEMENT

Image
Facebook’s Mark Zuckerberg  has broken his silence to comment on the unfolding Cambridge Analytica data scandal. He has announced steps his organisation will take to deal with the fallout that has resulted from Cambridge Analytica’s acquisition of the personal data of up to 50 million Facebook users. As the hashtag #deleteFacebook gains momentum it remains to be seen whether Facebook’s actions will be enough to stem the slide in the company’s share price or to restore the credibility of the social media platform. But as we ready ourselves for GDPR, the Facebook/Cambridge Analytica debacle is sure to have repercussions for any company that holds personal data belonging to EU consumers. 3 REASONS WHY GDPR COMPLIANCE MORE IMPORTANT THAN EVER We believe the Cambridge Analytica story makes GDPR compliance more critical than ever for three reasons: ·       The furore has propelled the subject of data protection to the forefront of the politic...
Read more