“A consensus already appears to be emerging among legal commentators that many UK organisations will need to comply with the provisions of the European Union’s General Data Protection Regulation regardless of the progress of the UK’s path to Brexit.
The GDPR was due to be adopted by the UK in May 2018 after a long process of EU legislative reform. As soon as the UK officially leaves the EU, in theory it is possible that the GDPR could be ignored – data protection is already written into UK law in the Data Protection Act 1998. In practice, however, if the UK continued to be part of the European Economic Area then the UK would have to abide by GDPR.” – Daniel Bennett Information Law and Policy Centre, University of London, June 29th 2016
Daniel’s article makes for an interesting read on both the future of the UK post Brexit and the fate of the GDPR once exit negotiations are complete. He highlights the place of politics within these new Data Protection rules and suggests that the cost of access to the European Economic Area (EEA) is highly likely to include a similar or identical version of GDPR.