The GDPR Effect On Brexit

Uploaded on 2017-06-20 in BUSINESS-Services-Law, FREE TO VIEW, GOVERNMENT-National, NEWS-Cybersecurity News

It is not yet clear how the UK's vote to leave the European Union will impact data processing and sharing across Europe. Businesses will need to anticipate possible new barriers to data sharing whilst at the same time working to encourage pragmatic solutions.
 
However, Brexit should not distract businesses from preparing for implementation of the EU General Data Protection Regulation in 2018. Reforms are coming with or without Brexit.

In practice, however, it is unlikely that Brexit will be significantly disruptive from a data protection perspective.

The UK's future data protection regime will to some extent depend on the nature of the UK's wider future relationship with the EU.

If the UK joined the EEA it would be obliged by agreement with the EU to pass a new law effectively implementing the GDPR in the UK. In that case, therefore, the impact of Brexit on UK data protection regulation would be minimal.

Any other post-Brexit arrangement would be likely to involve some agreement between the UK and the EU. This may or may not involve commitments from the UK regarding its data protection regime, clearly, however, those commitments would not require a higher standard of data protection than the GDPR.

Subject to any data protection commitments that the UK might make to the EU, the UK would, in theory, be free to regulate data protection post-Brexit as it saw fit.

This freedom would, however, be more theoretical than real. The GDPR, like the DP Directive, will impose tight restrictions on transfers of personal data from the EU and EEA to other countries which do not ensure an "adequate" level of protection for personal data.

The European Commission, with the EU Court of Justice looking over its shoulder, will need to decide whether the UK's new regime ensures an adequate level of protection.

A decision that the UK did not provide an adequate level of protection would be disruptive, putting the UK in the same category as non-EEA countries, such as the US, China and India, and requiring burdensome administrative steps to be taken to allow data sharing between the EU and the UK to continue.

In practice, therefore, the UK is likely to adopt a GDPR-like level of data protection, so as to ensure that EU and UK businesses can continue to share personal data.

Clifford Chance:

You Might Also Read:

EU’s New Data Rules Are 1 Year Away:

EU / US Privacy Shield Affects Your Organisation:

 

 

 

« Trump Handed Russia Classified Intelligence
Video Game Imagines Humans Relying On Robots »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alsid

Alsid

Alsid helps corporates to anticipate attacks by detecting breaches before hackers can exploit them.

Agility Networks

Agility Networks

Agility Networks is a technology company providing integrated services and solutions for Digital Transformation and Cyber Security.

OCM Business Systems

OCM Business Systems

OCM are experts in the safe, secure and responsible disposal of IT & EPoS assets.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Informer

Informer

Informer provides an Attack Surface Management SaaS platform alongside penetration testing services. We combine machine learning and human intelligence to reduce cyber risk.

Conference on Applied Machine Learning in Information Security (CAMLIS)

Conference on Applied Machine Learning in Information Security (CAMLIS)

CAMLIS is a venue for discussing applied research on machine learning, deep learning and data science in information security.

SAM Seamless Network

SAM Seamless Network

SAM Seamless Network is a cybersecurity technology platform that protects the connected home, by tackling cyber security threats at the source.

Secure Cyber Defense

Secure Cyber Defense

Secure Cyber Defense provides expert cybersecurity consulting and managed detection and response services to companies, local government, schools and universities.

NetGain Technologies

NetGain Technologies

NetGain Technologies helps small to medium-sized businesses gain access to expert IT talent. We provide strategies that use technology as a driving force behind business growth.

Oligo Security

Oligo Security

Oligo aims to streamline the usage of open source by making it secure and easy to protect. Through focusing developers on the relevant vulnerabilities we make the fixing process significantly shorter.

coc00n

coc00n

coc00n secures the devices of high-value and high-interest individuals against cyber attacks.

Boltonshield

Boltonshield

Boltonshield provide a unique and proactive approach to cyber defence with managed security services, integrated technologies, and a team of security experts, ethical hackers and analysts.

AUCloud

AUCloud

AUCloud is a leading Australian cyber security and secure cloud provider, specialising in supporting businesses and Governments with the latest cloud infrastructure.

Texaport

Texaport

Texaport's vision is to be the trusted partner of choice for organisations seeking comprehensive IT management and cutting-edge security solutions.

StrongDM

StrongDM

StrongDM is the leader in Zero Trust Privileged Access Management (PAM).

Assurestor

Assurestor

Assurestor's singular focus is delivering leading cloud-based backup and disaster recovery designed to increase levels of IT resilience.

Gcore

Gcore

Gcore is an international leader in public cloud and edge computing, content delivery, hosting, and security solutions.

Datos Insights

Datos Insights

Datos Insights is a leading global provider of insights, data, and advisory services to the financial services, insurance, and retail technology industries.