UK must adopt EU data protection laws
Commissioner says Brexit should not mean Brexit when it comes to data protection Getty Images

The UK's Information Commissioner (ICO) Elizabeth Denham has urged the country to adopt EU data protection laws that will come into effect in 2018, even after it leaves the Union. The laws are designed to strengthen the rights of individuals over their data.

The new laws will make it binding on large businesses, which have EU citizens' data, to appoint a data protection officer and report data breaches within 72 hours.

"I don't think Brexit should mean Brexit when it comes to standards of data protection," Denham told BBC Radio 4's PM programme.

"The UK is going to want to continue to do business with Europe. In order for British businesses to share information and provide services for EU consumers, the law has to be equivalent," Denham said.

"The UK was very involved in the drafting of the regulation — it will likely be in effect before the UK leaves the European Union — so I'm concerned about a start and stop regulatory environment," she said.

Denham even had queries for Yahoo, which recently admitted 500 million user accounts, including eight million accounts belonging to UK users, were breached by state-sponsored attack.

"This data breach is unprecedented. The numbers are staggering. Why did it take so long for Yahoo to notify the public of the breach? It looks like it happened two years ago. What can these account holders do to protect themselves?" Denham asked.

"I'm asking those questions on behalf of UK citizens."

Denham said she would investigate WhatsApp's plan to share user data with Facebook.

"We have launched an investigation into the data sharing, remembering that in 2014 when Facebook bought WhatsApp, there was a commitment made that between the two companies they would not share information," she added.