David Clifton’s recent article for SBC News http://cliftondavies.com/wp-content/uploads/2016/04/SBC-News-The-General-Data-Protection-Regulation.pdf focused on the General Data Protection Regulation that comes into force in mid-2018, replacing the current EU Data Protection Directive. It will be directly applicable in all EU Member States, without the need for any domestic legislation to implement it. In his article David commented that “this will be relevant even if the UK votes to leave the EU because UK businesses will be affected by the GDPR if they process data relating to EU subjects, and in any event it will be vital for the UK’s digital economy that its data protection laws are of a comparable standard with other major jurisdictions”.
This has now been confirmed by the Information Commissioner’s Office, which has (on 19 April) published a “Statement on the implications of Brexit for data protection” https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2016/04/statement-on-the-implications-of-brexit-for-data-protection/ in which it states as follows:
“The UK will continue to need clear and effective data protection laws, whether or not the country remains part of the EU. The UK has a history of providing legal protection to consumers around their personal data. Our data protection laws precede EU legislation by more than a decade, and go beyond the current requirements set out by the EU, for instance with the power given to the ICO to issue fines. Having clear laws with safeguards in place is more important than ever given the growing digital economy, and is also central to the sharing of data that international trade relies on.”