I am looking at the GDPR, and considering the issue that post-Brexit, the UK will probably have to seek an “adequacy ruling” to allow IT services trade and trade dependent on cross border IT between the UK & the EU to continue. If we adopt the GDPR as part of the so-called “Great Repeal Bill”, then there should be no problem. In the unlikely event that the fUK-EW legislates for greater data subject privacy then the EU may object because it breaks their single market rules; all jurisdictions must treat entities and citizens of the EU equally, whereas if we were to weaken the privacy provisions then the Commission would deny us an adequacy ruling. Today’s insight is that it works both ways.
Adequacy
In the post above, I have avoided considering the issues where the law remains a member state competency although this is the area of politics and law that will play out as Liberty requests judicial review on the Regulatory Powers Act. Article 23 “Restrictions” defines the areas of non-competency.