Although the results of the referendum are clear, the full impact of Brexit on data transfers in litigation and investigations is dependent on whether or not Britain becomes part of the European Economic Area (EEA) or the European Free Trade Association.
If the UK becomes part of the EEA and the EU finds the UK’s data protection safeguards to be appropriate this would make transferring data outside of the UK easier. However, it is likely that businesses will still have to comply with the new requirements to be implemented under the forthcoming General Data Protection Regulation, when transferring data across borders to comply with legal obligations in other countries. Both legal mechanisms and technology solutions are relied upon in these situations to safeguard the personal data of European citizens.
If Britain does not become part of the EEA, the situation is more complicated and it is likely that an arrangement similar to the EU-US Privacy Shield would need to be agreed. This will provide a safe passage for the transfer of data between the UK and other countries in Europe
Until the UK finalises its data protection regime and comes to an agreement with the EU companies need to think carefully about the risks of transferring data across European borders. Business does not have to come to a standstill; law firms and companies can rely on Kroll Ontrack’s mobile ediscovery solution and network of European offices to continue processing and transferring data in Europe in a compliant and cost-effective manner. We have always catered for the data protection needs of our clients as they take all laws and regulations into consideration.