
The idea of Brexit being a business-friendly dream may not hold up to the reality as Lauren Grest & Mark Surguy explain
The timing of the Brexit referendum has coincided with a tumultuous period for EU data legislation. First was the shock dissolution of the Safe Harbor agreement, then the draft of the General Data Protection Regulation (GDPR) was released and the proposed EU-US Privacy shield is still being debated by the Article 29 Working Group. With the threat of Britain exiting the EU, this adds another layer of uncertainty for businesses and law firms who rely on or need to transfer electronic data.
The most pressing data protection implication of a Brexit centres on the GDPR. Unlike the incumbent Data Protection Directive 95/46/EC which has to be implemented by each member state but may result in inconsistency between states, the GDPR will apply uniformly across all EU member states, with the aim of harmonising data protection laws as well as offering increased data protection measures for EU citizens. Should the UK leave the EU, two key questions arise:
- What legislative regime would