Today’s business is dependent on information; information about an individual’s financial wealth, education, purchasing preferences and even health conditions. How companies treat the information, or data, they accumulate from individuals is governed by the laws in which they are incorporated and operate. Unfortunately, these laws often conflict especially when an American business is operating in Europe. This conflict led the European Commission to develop data privacy principles known as the Safe Harbor Directive, which if followed allowed US companies to store and use EU customer data. However, a lawsuit challenging the legitimacy of the Safe Harbor’s privacy protections for EU citizens resulted in a 2015 ruling by the European Court of Justice (ECJ) that invalidated the Safe Harbor Directive. The chaos that resulted from this ruling sent businesses on both sides of the Atlantic scrambling for an alternative. Unfortunately, Brexit has made an extremely complex legal and business situation even more complicated. Brexit raises two important questions concerning the EU’s recent invalidation of the Safe Harbor Directive that this paper will address: 1) what impact will the UK’s decision to leave the EU have on the newly enacted Privacy Shield and 2) what data privacy measures will the UK implement when it is no longer part of the EU?


Brexit, Safe Harbor, Privacy Shield, data, privacy, GDPR

Chinese Abstract






Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial 4.0 License

Included in

Business Commons



To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.