Understanding how incoming data protection regulation will be affected by the decision to leave the EU.
The EU referendum resulted in a vote in favour of the UK leaving the EU. This decision has significant data protection implications for companies that process the personal data of EU citizens.
Despite the vote, however, it seems likely that either the General Data Protection Regulation (GDPR), or a law that looks very similar, will be required in the UK after Brexit takes effect.
EU member states will be required to observe all the provisions of the GDPR when it comes into force on 25 May 2018. An EU directive on data protection for the police and criminal justice sector also needs transposing into UK law by 6 May 2018.
Unless the UK is able to negotiate and agree its withdrawal arrangements by May 2018, which is unlikely, the GDPR will apply in its entirety in the UK from May 2018.
Read more on the implications in the attached technical bulletin.
Read our guidance on Brexit and explore how we can help
Exploring potential changes to trade and supply chains
Retaining and recruiting the skills you need through Brexit
Exploring the key issues around finance and business infrastructure