“Anyone clinging to the hope that a win for the Brexit brigade will prevent UK companies from having to implement the EU General Data Protection Regulation better think again; businesses will be forced to adhere to the new rules
With a leave vote, the UK would become a State outside of the European Economic Area (EEA) and therefore would have to offer an ‘adequate level of protection’” – Chris Pounder and Sue Cullen, Amberhawk Training (via Decision Marketing), February 24th 2016
This fascinating article from former Pinsent Masons experts poses a very real, very worrying scenario.
The ICO has already established that the UK would need to prove adequacy in terms of its data protection laws – something the current 1998 DPA doesn’t come close to. Chris and Sue go further, suggesting that if the UK does not prove adequacy and Brexit turns messy the EU could halt all EU-UK data transfers, potentially choking British trade, finance and much more…