The following Corporate Crime guidance note provides comprehensive and up to date legal information covering:
The General Data Protection Regulation (EU) 2016/679 (GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data is directly applicable and fully enforceable in all EU Member States from 25 May 2018.
The GDPR made substantial amendments to data protection law in the UK. See Practice Notes:
The General Data Protection Regulation (GDPR)
Data protection principles under the GDPR
Sanctions and enforcement under the GDPR
Specific implementing legislation is not required, although the GDPR does allow Member States to introduce further domestic provisions in a number of areas. In the UK, this has been achieved by the Data Protection Act 2018 (DPA 2018). See Practice Note: The Data Protection Act 2018.
The DPA 2018 repealed the Data Protection Act 1998 (DPA 1998) from 25 May 2018 and creates a number of criminal offences relating to the processing and use of personal data in the UK, including an offence of unlawfully obtaining data under the DPA 2018. For information on these offences, all of which can be committed from 25 May 2018, see Practice Note: Offences under the Data Protection Act 2018.
Where a data protection offence occurred before 25 May 2018, it may still be prosecuted under DPA 1998 despite
**excludes LexisPSL Practice Compliance, Practice Management and Risk and Compliance. To discuss trialling these LexisPSL services please email customer service via our online form. Free trials are only available to individuals based in the UK. We may terminate this trial at any time or decide not to give a trial, for any reason. Trial includes one question to LexisAsk during the length of the trial.
To view the latest version of this document and thousands of others like it, sign-in to LexisPSL or register for a free trial.
Existing user? Sign-in
Take a free trial
Take a free trial
0330 161 1234