- The UK will in all likelihood still be a member of the EU in May 2018 when the GDPR takes effect.
- Following Brexit, the UK will need to be regarded as having “adequate legal protection” for personal data, so as to allow transfers of data to the UK from the EU. Accordingly, the UK will need to have data protection laws which are materially the same as those in the EU (i.e. the GDPR).
- The UK Government has confirmed that the UK will implement GDPR, which we understand to mean that the UK will implement the GDPR into UK law so as to continue after Brexit has occurred.
- Even when the UK leaves the EU, as the GDPR has ‘long arm jurisdiction’ it will directly apply to UK businesses that target or profile consumers in the EU.