Our Founder Robert Baugh discusses the proposed Brexit Reforms with Mazars

Robert discusses the DPDI Bill - intended to reform the UK data protection laws - with Andrew Rawlins-Catterall, the host of Mazars' Tech for Leaders podcast
Robert Baugh Mazars Brexit Podcast

Our Founder & CEO, Robert Baugh, was delighted to discuss potential Brexit Reforms – as set out in the DPDI Bill – with Andrew Rawlins-Catterall, the host of Mazars’ Tech for Leaders podcast.

The episode was recorded on 16 September 2022 and covers key areas of Accountability as well as possible impacts on the UK’s adequacy decision under EU GDPR. We’ve set out some of the main areas discussed below.

See the full episode here.



We discuss the differences between the Data Protection Officer regime under UK GDPR and the Senior Responsible Individual under the DPDI Bill. We look at whether it’s better or worse, easier or harder, when you need an SRI (and is the test the same as for the DPO) and what if you’ve already got a DPO?

There’s a key addition on SRIs’ duties compared to DPOs. We also discuss the possible liability of DPOs and SRIs, plus the continued difficulties presented by the no-conflict rule for SRIs.


DSRs & ‘vexatious’

We look at the practical effects – so far as we know at the date of recording – of the change of wording in relation to DSRs, by bringing in ‘vexatious’.

We also look at the history of ‘vexatious’ in FOIA cases and whether that’s applicable in data protection.


Article 30 & Records of Processing

One of the big pains of GDPR, according to the UK government, is creating your records of processing. We discuss the practical changes, and whether it’s any easier under the DPDI Bill.


DPIAs vs Risk Assessments

Privacy compliance is a big factor in trust. We discuss how risk assessments are still there, potentially more so, under the DPDI Bill.


Cookies, PECR & e-Privacy

There are some good changes to cookies and PECR. We run through this area, and include a discussion on the IAB Europe case.


UK’s Adequacy Decision

There’s a sunset clause in the UK’s adequacy decision under GDPR, and the ability to review before then too. We discuss whether the DPDI Bill threatens the UK’s adequacy, either in the way transfers are treated or in the independence of the UK ICO with its new governance structure.


Side-by-Side Comparison

Don’t forget to get your own copy of Keepabl’s Side-by-side Guide on the Brexit Reforms under the DPDI Bill. It’s all so much clearer than wading through the Bill, we’ve done the work for you!


Related Articles

Privacy Kitchen reaches 500 YouTube Subscribers
News & Awards
Privacy Kitchen races to 500 Subscribers on YouTube!

Here at Keepabl, our ‘Start with the Why’ is to joyfully use tech to solve people’s headaches and make them feel happier.  Proud as we are of our award-winning Privacy…

Read More
News & Awards
Keepabl named to the Fintech Power 50!

The Fintech Power 50, the annual guide to the most influential, most innovative companies and visionary personalities shaping the Fintech industry, has named Keepabl, the award-winning Compliance-as-a-Service making GDPR simple,…

Read More