0a8e77e949
- Moved everything from ideas/passepartout/ to projects/passepartout/ - Moved legal structures to projects/flags/ - Created missing _index.org files for all subdirectories - Stripped redundant passepartout- prefix from filenames - Rewrote root _index.org as generalized brain index (projects + concepts) - Updated Hugo nav to Projects/Concepts - Updated build script section descriptions - Deleted stale ideas/passepartout-economics.md orphan
23 lines
1.1 KiB
Org Mode
23 lines
1.1 KiB
Org Mode
:PROPERTIES:
|
|
:ID: 9bc29937-d59a-4ae4-9623-3d17a1fe6ebb
|
|
:ID: auto-uk-[[id:513d5996-4ac7-4567-a992-18fc01599104][gdpr]]
|
|
:CREATED: [2026-05-23 Sat]
|
|
:END:
|
|
#+title: UK GDPR (Post-Brexit Data Protection)
|
|
#+filetags: :passepartout:compliance:framework:uk:
|
|
|
|
|
|
Post-Brexit, the UK maintains its own version of [[id:513d5996-4ac7-4567-a992-18fc01599104][GDPR]] via the Data Protection
|
|
Act 2018. Substantively identical to EU GDPR but diverging over time. The UK
|
|
has announced separate reforms targeting AI and digital identity. ICO (Information
|
|
Commissioner's Office) enforces. Maximum fines: 17.5M GBP or 4% of global turnover.
|
|
|
|
Why it matters: UK GDPR is EU GDPR's twin market — any gate package designed
|
|
for EU GDPR ports directly with verified translation of terminology (supervisory
|
|
authority → ICO, DPA → equivalent UK contract clauses). The gate stack's ACL2
|
|
prover can verify that the UK version's rules are consistent with the EU version
|
|
(and alert when they diverge). This is a concrete ACL2 application.
|
|
|
|
** [[id:748db16a-1382-4e5e-8812-a5d57a8de131][NIS2]] (Network and Information Security Directive)
|
|
|