Scams and personal data after Brexit

Personal data is any information that can be used to identify a living person, including names, delivery details, IP addresses, or HR data such as payroll details. Most organisations use personal data in their daily operations. We’ve covered some of the changes to the way personal data is shared from the EEA to the UK, as set out on the Government’s webpage, below. We’ve also looked at some potential scams you need to be aware of.

I’ve been receiving emails post Brexit, apparently from the government, asking for my personal details. Is this a scam?

There are several scam emails which often pretend to be from the government asking for personal details.

The government generally does not email in this way. If you receive an email asking you to click a link or asking for personal details, just delete it or ignore it. It’s almost certainly a scam.

Be careful when taking or receiving unexpected calls, emails and text messages. Remember that your bank will never ask you to reveal your full PIN or password or ask you to move money to another account. If you’re worried, check with your provider independently using a number you know is genuine. For example, use the number on the back of your card or from your annual statement or policy documents .

Find out if a financial services firm is authorised by the FCA by checking the Financial Services Register.

Find out more about spotting a scam and how to avoid being scammed.

What about protection of personal data after Brexit?

There are no immediate changes to the UK’s data protection rules now the UK has left the European Union and the implementation period has ended. UK data protection law will continue to be aligned with the EU General Data Protection Regulations (GDPR) although changes to the current framework may see it diverge from EU regulations from January 2021.

The UK remains committed to high data protection standards.

Further information can be found on the Information Commissioner’s Office website.

Is the ICO’s GDPR guidance still relevant?

UK data protection law will continue to be aligned with the EU General Data Protection Regulations (GDPR). This means there will be no significant changes to the UK’s data protection regime due to the UK government bringing EU GDPR and Law Enforcement Directives directly into UK domestic law.

However, changes to the current framework may see it diverge from EU regulations from January 2021.

There may also be changes to the way data is shared from the EU to the UK. Businesses and organisations can review whether they might be affected and the latest updates from government by checking the latest guidance available on the ICO website.

Did you find this guide helpful?