So, finally a panacea to the confusion on how the UK's upcoming 'divorcee' status affects its legal stance on Data Protection and the GDPR.

As if the ICO hadn't iterated enough that the GDPR will still need to be followed in the UK, this announcement should assuage some who had pressed on with compliance projects to meet the deadline in May 2018 but may also strike fear into the hearts of those who've ignored it. 

So what changes? Perhaps not much.

The GDPR has already been clarified by most of the regulatory bodies in the UK and is automatically to be enshrined in law if the 'Great Repeal Act' is successful. To add to that, the Queen's Speech announced a new Data Protection Bill (which was bound to include similar clauses to the GDPR).

However, here begins the speculation: the GDPR is a pretty ambiguous set of regulations, so how might the UK add to this?

Britain had always been one of the strongest proponents of the GDPR, advocating a 24-hour limit on reporting data breaches (as opposed to the 72 hours finally agreed upon). Also, the Data Protection Act 1998, while severely lacking and outdated, is anything but ambiguous. We can probably expect much clearer guidance on how companies can stay on the right side of the law.

So buckle up, because it will be a bumpy ride. My suggestion is that IT professionals start as soon as possible to ensure that they are ready, and that they watch the progress of the Bill to know what to expect when it passes into law. It is almost guaranteed to be tougher and tighter than the GDPR.