The decision made by the British people in the 23 June 2016 referendum has multiple consequences, many of them legal. Some have already been addressed, but the issue of what Brexit could mean for European citizens’ privacy and data protection rights has been pushed to the background.
The regulatory framework for data protection in the European Union conferred total freedom of circulation on data within the 28 Member States. The United Kingdom’s exit from the EU, and consequently from that legislative environment, will therefore mean that its citizens will be considered as established in a third country, and issues such as those currently existing with the United States will have to be contended with. Basically, sending data from any EU country to the UK will constitute an international data transfer, with the legal effects that this entails.
Obviously, given the importance of massive data processing for a company from any sector, the UK is not going to remain aloof from its former fellow Member States, since not interacting with the EU in this field would leave it out of the game in a sphere that is vitally important for the economy.
This situation obviously gives rise to uncertainty -which will have to be cleared up by the British government in the coming months- concerning the decision to be made on the subject of data protection in the island State.