It’s no secret that Brexit spits out many issues policy makers will have to tackle if Article 50 is invoked. Of notable concern is data protection and privacy regulation. Brexiters campaigned that the plethora of EU regulations was unnecessary, costly and over-complicated, and there can be no bigger, 'badder' example than the impending General Data Protection Regulation (GDPR), which will most likely come into force in 2018. But if the UK exists the EU then UK and importantly other non-EU enterprises (particularly in the US) will still face the same, if not more challenging, regulation. What’s worse, is the UK Government will have lost all input into the future direction of the GDPR and other EU regulations.