While economists and politicians continue to consider the cost of the British public’s June 2016 vote to exit (Brexit) the European Union (EU), the cybersecurity community is equally looking to assess the impact of the decision on the sharing of cyber-breach information internationally and what it means for cross-border data access.
The primary security concerns of Britain leaving the EU revolve around matters such as General Data Protection Regulation (GDPR); a loss of threat intelligence cooperation with Europe; an increasing cost of security (because of the falling value of the pound); and the loss of access to European technical expertise.
When the GDPR takes effect it will replace the data protection directive from 1995, which is a welcome update. The regulation was adopted on April 27, 2016, and enters into application on May 25, 2018, after a two-year transition period.
Thus GDPR is likely to go ahead in Britain. Technically, it must go ahead since it will become law before Britain actually leaves the EU. Practically, it will go ahead because it is the easiest way to maintain ‘privacy adequacy’ and continue easy trading between the UK and Europe.