skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Ovum view


The area of regulation and legislation is a key foundation for business, but because much of it originates from government and industry-level bodies at national and supra-national level, it is an area that is subject to much potential change as structures change between now and the date of an ultimate Brexit.

The shifting sands of compliance will be an ongoing challenge

The UK government has already stated that scrutinizing regulation and legislation, and planning necessary changes, will be a core activity within its considerations post-referendum. Many commentators believe that in order to minimize disruptive impact on business and public sector activity, and to maintain the benefits of existing investment in compliance, replacement regulatory and legislative measures should where possible mirror those currently in force. This approach by authorities would certainly greatly help UK organizations already burdened significantly by compliance costs, and facing many additional costs and much disruption arising from the Brexit decision.

One prominent related activity that is under way within many sizable UK organizations is planning and investment for compliance with the EU’s General Data Protection Regulation (GDPR). This measure passed into its final “pre-legislation” stage in late 2015, at which point a two-year deadline for compliance was established. Consequently, investigations and investments will have been planned to ensure that regulated data for which enterprises are responsible is located and protected compliantly, and is not passed to non-compliant third parties for processing. Compliance must be maintained whether the regulated data is stored in the cloud, processed primarily by third-party providers, or held within the enterprise’s IT estate.

It seems certain that the late-2017 deadline for GDPR compliance will be passed before the UK is free of obligations related to its EU membership, hence affected organizations within the UK’s jurisdiction will now need to continue their efforts toward ensuring GDPR compliance, despite the referendum verdict. For organizations continuing to conduct business with others in the EU post-Brexit, these efforts will obviously have a direct ongoing benefit. However, given that GDPR is in the vanguard of similar legislation that is likely to evolve and come into force in other areas of the world, the benefits of managing issues such as data sovereignty around organizational data more accurately may also be extended further in future for organizations with broad operational horizons.

Cloud, SaaS, and outsourcing service providers will still have to maintain their programs of investment in order to serve customers in other countries in the EU that require GDPR compliance, or to serve UK organizations’ near-term compliance requirements. However, once it has left the EU, the UK will be considered a geography outside the Union from the perspective of data transfers regulated by GDPR, and these providers might need to invest in data obfuscation technology in data centers in the EU before data is transferred to the UK.


Further reading

"Brexit will have minimal impact on the UK's regulatory environment", TE0007-001040 (June 2016)

"Brexit decision will impact enterprise IT investment", IT0018-001498 (June 2016)


Alan Rodger, Senior Analyst, Infrastructure Technologies

Recommended Articles

  • Service Provider Markets, Consumer & Entertainment Services,...

    MWC 2018 Highlights

    By Ronan De Renesse 27 Feb 2018

    Over 20 of our senior Ovum analysts and consultants attended this year’s Mobile World Congress in Barcelona at the end of February. In between meetings, briefings and presentations, our analyst team were blogging and tweeting about key developments, trends and rumors. Have a look through our daily MWC 2018 Highlights to find out what happened.

    Topics 5G AI IoT Cloud Payments SDN/NFV Smart home

  • Consumer & Entertainment Services

    US pay TV: Is it facing an existential threat?

    By Adam Thomas 28 Mar 2018

    With US pay TV having endured the worst year in its history, thoughts have inevitably turned to the future. The likelihood remains that the immediate future will remain highly uncomfortable for everyone except the scaled multinational digital platforms.

  • Enterprise Decision Maker, Enterprise IT Strategy and Select...

    2017 Trends to Watch: Big Data

    By Tony Baer 21 Nov 2016

    The breakout use case for big data will be fast data. The Internet of Things (IoT) is increasing the urgency for enterprises to embrace real-time streaming analytics, as use cases from mobile devices and sensors become compelling to a wide range of industry sectors.

    Topics Big data and analytics IoT


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

Email us at

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 788 597 5160 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now