Brexit has been a constant topic in the news for months and the planned exit date of October 31, 2019 is slowly getting closer. The fronts in the British Parliament are hardened and it is questionable whether there will be an orderly Brexit or even a stay in the EU. It is therefore high time to deal with the consequences of an increasingly likely, unregulated Brexit.
consequences of a hard Brexit
Uncertainty is growing among companies and private individuals who would be affected by the UK's exit from the EU. In this case, data protection would also be affected.
The main problem is that after a hard Brexit, the GDPR and hungary number dataset all other regulations would no longer be valid. However, the transfer of data requires a legal basis. Great Britain would then be classified as a "third country". This would put them on the same level as third countries such as the USA. Experience with the Save Harbor Agreement, the US Privacy Shield and the CLOUD Act shows that international data transfer is a very difficult construct.
Companies in the EU must therefore review all circumstances in which personal data is transferred or made accessible to companies in the UK and, if necessary, adapt them to applicable law. For example, a contract for data processing would no longer be sufficient as a legal basis after a hard Brexit. Companies from the EU must then demand individual data protection guarantees from British companies.
What will the EU do?
Probably nothing for now. Although there is the possibility of an adequacy decision under Article 45 of the GDPR, the EU will not take any action in this regard until the end of March. This would certify that Great Britain has an adequate level of data protection and no further approvals would be necessary.
What would happen if an orderly Brexit were to take place?
If an orderly Brexit does occur, there is the possibility of follow-up agreements. According to BITCOM, European data protection would continue to apply until these are agreed. There would therefore be no problems with data protection. However, the prospects for this are not very rosy as things stand. Appropriate precautions should therefore be taken.
Who is affected by Brexit?
It will be particularly difficult for companies that have their headquarters in Great Britain or if the parent company is based there. But companies that transmit personal data there are also affected. According to a 2018 BITKOM survey, this applies to 14% of German companies.
However, companies and institutions that use IT services from companies based in the United Kingdom, e.g. in the form of cloud solutions, are also affected, as personal data is also transferred here.