the UK and GDPR

There were already strong indications that the UK would fully adopt GDPR even after Brexit. A recent document (21-dec) has however come out that further clears any doubts especially considering Britain is halfway the door.

This document is penned by the Dept of Culture, Media and Sports. It starts by saying

Government will (...) improve cyber risk management (...) through its implementation of  (...) GDPR.

 Then it closes any discussion with

For now, Government will not seek to pursue further general cyber security regulation for the wider economy over and above the GDPR.

Which, in a sense, is a remarkable statement since GDPR is not, strictly speaking, about cyber security. It embeds and enforces cyber security but from a narrow angle of Personal Information.