IBM has contacted its customers with advice on how it will handle a disorderly Brexit, including a warning that if the UK leaves the European Union without an agreement “One of the key areas which may be affected is the free flow of data.”

In a letter [PDF] sent to IBM Cloud account-holders seen by iTnews, the company outlined “proactive measures to plan for this situation and enable the continued provision of goods and services.”
Those measures include automatically adopting the UK Data Protection Act 2018, so that customers can keep using personal data in the UK.
But because a no-deal Brexit will see the UK freed from GDPR obligations, and therefore considered a “non-adequate” country under that Regulation, IBM will ensure its UK operations will be classified as “as data importers under existing EU Standard Contractual Clauses, based on your jurisdiction.”
Another thing Big Blue will have to address is contracts that use blanket terms like “Western Europe, the European Union, EU, EU member states, or countries in the European Economic Area” without explicitly mentioning the UK. IBM’s assured customers that “Irrespective of the conditions of exit and until further notice from IBM, those terms shall continue to include the UK as if the UK were expressly mentioned.”
IBM hopes it doesn’t have to do any of this: the letter opens by saying “IBM believes that the best outcome for business is that the current negotiations on the United Kingdom’s exit from the European Union will result in a transition period and future arrangements which will support business.”
That sentiment is in line with that expressed by many other businesses, as a no-deal Brexit will force adoption of new rules for cross-channel commerce.
The letter will comfort Australian customers too, as many use IBM precisely because it has a presence in the EU and UK.
Knowing that they’ll be able to continue wielding personal data and meeting privacy obligations even if Brexit lands with a sickening thud will be small comfort as they confront the chore of adopting new compliance regimes across their European operations.