Understanding how incoming data protection regulation will be affected by the decision to leave the EU.
The EU referendum resulted in a vote in favour of the UK leaving the EU. This decision has significant data protection implications for companies that process the personal data of EU citizens.
Despite the vote, however, it seems likely that either the General Data Protection Regulation (GDPR), or a law that looks very similar, will be required in the UK after Brexit takes effect.
EU member states will be required to observe all the provisions of the GDPR when it comes into force on 25 May 2018. An EU directive on data protection for the police and criminal justice sector also needs transposing into UK law by 6 May 2018.
Unless the UK is able to negotiate and agree its withdrawal arrangements by May 2018, which is unlikely, the GDPR will apply in its entirety in the UK from May 2018.
Read more on the implications in the attached technical bulletin.
Need practical advice on navigating Brexit?
Our guidance covers a range of factors that will affect your business and how to address them.
People and skills
Imports and exports
Tax and transactions
Cost and cashflow