[pdpi]

AIUI, the GDPR by itself doesn't apply to the UK (or any other EU member state in particular). Instead, the GDPR forces member states to enact laws that implement those rules.

This means that, after Brexit, the GDPR implementation laws will still be law in the UK. Depending on the outcome of the Brexit negotiations, the UK might or might not be in a position to repeal those laws at their own discretion.

[detaro]

the key word is General Data Protection Regulation. Regulations are law, and apply directly, no local implementation needed (except for "interfaces", e.g. in the case of GDPR changes to existing laws to clarify how they interact with GDPR and to make exceptions GDPR explicitly allows the states to make)

Directives are the ones that only direct the states to enact laws implementing them.

[DanBC]

But in the case of GDPR the UK has also implemented the DPA 2018 which implements GDPR.

[pdpi]

Ah awesome. Thanks for the clarification.