Exactly. Of course there is always the possibility that any changes the UK makes may end up impacting EU GDPR, or the UK’s data adequacy position, but these decisions are likely to be political. Although consumers and businesses may put pressure on systems and enterprises to protect their data, ultimately it’s the politicians in power who influence which direction data regulations go. This goes for both the countries implementing the regulations, as well as the countries on which the regulations are being imposed – for example, the Schrems II decision invalidating Privacy Shield. In any case, it is always in an organisations interest to ensure that it is taking appropriate measures to protect data and ensure an individual’s privacy, particularly if that is the expectation of its customer base.