[matt-p]

"The UK doesn't even allow end-to-end encryption" thats 100% not true, just completely false.

"has some Draconian surveillance laws", sure and what EU countries don't - you must be joking?

"I very much doubt it can be GDPR compliant" The GDPR is retained in domestic law, it's literally the exact same situation as before brexit.

[jonathanstrange]

It is true because a cryptosystem is by definition not end-to-end encrypted if a third party can read the plaintext, and that's exactly what UK law mandates.

> "I very much doubt it can be GDPR compliant" The GDPR is retained in domestic law, it's literally the exact same situation as before brexit.

That's not the stance of legal scholars and judges in the EU, for the same reasons as there are doubts that US companies can be GDPR compliant. Let's just say that the alleged GDPR compliance hasn't been tested in court yet and is a legal gamble. Whether a EU company is willing to take that gamble or not depends on many factors and is up to them, of course.