The rich UK contribution to the field of EU data protection: Let's not go for “third country” status after Brexit

The die is cast. At the time of drafting this paper the so-called Brexit, the exit of the UK from the EU, seems like a certainty after the poll results of 23 June 2016. Within such historic, indeed seismic, developments data protection seems but a minor issue, a footnote to a world-changing chapter waiting to be written. Yet, from our modest vantage point, undertaken after this Journal's kind invitation, we submit that data protection, although one out of the myriad legal aspects pertaining to Brexit that urgently await consideration, may prove to be a crucial issue in this process. Notwithstanding what happens in the immediate future, when attention will presumably be focused on coordinating the dates when Brexit may potentially occur and the GDPR comes into effect, long-term thinking is critical. We believe that, because developments in this field of law will be among those felt directly by individuals on both sides of the Channel, data protection has the potential to be among the issues that “make” or “break” a possibly successful Brexit - if success is perceived as minimal disturbance to an already functioning system. UK and EU data protection are intrinsically connected by now, by osmosis, after decades of mutual exchanges and intensive collaboration. If indeed, contrary to our wishes, a data protection Brexit does take place, the preferred way forward for the authors would be for the UK to unreservedly and permanently adhere to the EU data protection model. If this will not be the case, then we feel that a high-level principle-driven solution would serve data protection purposes better than a detailed and technical solution; the latter, if ever achievable, would essentially attempt the impossible: to surgically severe what is today an integral part of a living and functioning system.