The only certainty about Brexit, the UK’s departure from the European Union, is that it is going to create uncertainty in terms of data sovereignty, particularly in the field of cloud computing. Data sovereignty refers to data being held in a country in adherence to the laws of that state. That is fine if your company is based in a single location and single market but it becomes trickier if you have diverse locations and lots of different laws with which you need to comply.
When the UK is part of the European Union it has the same data sovereignty laws as other countries in the EU but when the UK breaks away those laws could change. In time companies operating in Europe may have to manage one set of data laws for the UK and another for EU member countries. By voting to leave the European Union the UK fractured what was becoming a single digital market into potentially two or more jurisdictions for technology issues.
If the UK wants to participate in the free flow of data across European borders after leaving the EU, it will have to adopt the same data-protection standards as the EU’s new General Data Protection Regulation. As the UK’s Information Commissioner’s Office has stated “international consistency around data protection laws and rights is crucial, both to businesses and organisations and to consumers and citizens”. Unless the UK follows the new EU rules foreign companies may lose the ability to process European consumer data in the UK. This has ramifications for companies that want to use data centres in the UK – even just as backups – if their data centres in other EU countries go down.
People are waking up and recognising that the cloud is about data centres built on land under national laws.