• Home
  • >
  • Blog
  • >
  • What Can Businesses Do About Brexit and Data Sovereignty?

What Can Businesses Do About Brexit and Data Sovereignty?

Tom Hassan

Digital Marketing Executive at Node4

The topic that everyone is talking about is Brexit, and for good reason too.

In a referendum that shook the UK, on the 23rd June 2016, Britons took to the polls to vote on Britain’s future with the European Union. And, surprisingly, the majority of people voted to leave the EU.

Shortly after the votes were taken and the results were counted up, the pound fell to its lowest level since 1985. Understandably, businesses were nervous about the result and the implications it might have on trade, with many having to rethink their business strategy for the future.

Whilst Britain remains in the European Union, it has the same data sovereignty laws as other EU countries. However, the move away from the European Union will quiet possibly create uncertainty around data sovereignty, especially when it comes to Cloud computing .

Data sovereignty, in its essence, means that data stored in a particular country must comply with the laws of that country . On the face of it, this seems like a straightforward concept that shouldn’t be too troubling. However, differing sub-laws and agreements amongst countries could change this into a whole different story. For example, some countries have localization laws, which state that data belonging to citizens of that particular country should be stored within that particular country . And, on top of that, current EU legislation states that precautions need to be taken when data is transferred to countries that are outside of the EU .

This problem is further exasperated when you consider that data movement will be play a key role in the upcoming General Data Protection Regulation (GDPR) that is due to come into effect in May 2018 .

Moreover, Christopher Graham, Information Commissioner, Information Commissioner’s Office, state that, “[w]ith so many businesses and services operating across borders, international consistency around data protection laws and rights is crucial both to businesses and organisations and to consumers and citizens… ”

Hence, amongst the many concerns that business owners have following the Brexit vote, businesses are worried about the implications of data sovereignty. Namely, where do I need to keep my data to make sure both the regulators and my customers are happy ?

And, to make matters worse, current UK data legislation could change as well. Because, when article 50 is invoked, a number of laws controlled by the EU may become invalid , meaning that businesses that operate in Europe may have to deal with different sets of data laws, one for EU members, and one for the UK .

So, there’s an obvious gap in regulatory requirements. We’re still very early on in the Brexit process, so UK legislation is still being drawn up to clarify how data from the UK can be stored, and where. Whatever the outcome may be, businesses still need to be prepared to deal with any potential outcomes, and as soon as possible .

Perhaps the simplest and safest option for businesses is to migrate any data that is not stored in the UK to a UK based data centre. This means that data stored in the UK will come under the protection of any future UK data sovereignty regulations . Furthermore, with having data in the UK, businesses have greater insight, and potential influence over, how the legislation will pan out.