Britain harvests EU criminal data over fears Brexit will weaken police powers
In a potentially illegal act, the UK pre-empts losing access to a core EU database used for crime-fighting
The UK's National Crime Agency (NCA) has allegedly harvested a swathe of files from EU databases to help with the country's policing in a post-Brexit world.
That's according to a leaked document seen by the Guardian which detailed the findings. The report said the UK transferred 54,000 EU alerts from its Schengen Information System (SIS II) database to the Police National Computer (PNC) as the country may lose access to EU crime data when 31 October rolls around.
The report stated that crime-fighting is an increasingly international venture requiring cross-border collaboration to be successful in cases. While the transferring of these alerts will keep Britain's police informed for a while, the country's access to the database is uncertain due to the risk of a no-deal Brexit.
"Undoubtedly, uncertainty about the UK's future relationship with the EU has increased, due to the resignation of the PM and the ensuing leadership contest," read the report by David Armond, former NCA deputy director general.
"All Brexit scenarios are now back on the table, including exiting the EU with or without a deal, a further extension to the process and a second referendum," it added. "A no-deal Brexit at the end of October is now a possibility, which means that the priority for ICCC, the [International Crime Bureau] and police forces should be to focus on the mitigation of increased risks due to the loss of access to SIS II alerts."
Michael Gove, chancellor of the Duchy of Lancaster, wrote on Sunday that a no-deal Brexit is "a very real prospect", meaning that if a deal can't be struck by the 31 October deadline, the UK will lose access to vital crime-fighting systems provided to us by the EU, as well as European arrest warrants and investigation orders.
"The EU's leaders have, so far, said they will not change their approach [to negotiating with Britain regarding a Brexit deal] - it's the unreformed withdrawal agreement, take it or leave it," said Gove.
"We still hope they will change their minds, but we must operate on the assumption that they will not. No deal is now a very real prospect, and we must make sure that we are ready," he added.
Individual nation-states are being urged to upload SIS II alerts to Interpol where the UK can still legally access the information once it left the EU, according to the leaked report.
IT Pro contacted the NCA and the Cabinet Office for comment but neither replied at the time of publication.
Criminal databases aren't the only thing the UK could expect to lose access to if it leaves the EU, businesses may also find it difficult to receive data from countries in the EU due to the recent scrutiny placed on the current mechanism used by businesses to transfer data within the EU.
Standard contractual clauses (SCCs) allow one organisation to set data protection rules into a contract with another organisation which allows data transfer to remain legal and compliant with GDPR. It's also the mechanism that UK businesses were relying on in a post-Brexit world.
The European Court of Justice (ECJ) is currently ruling on whether to declare these SCCs invalid and a worst-case scenario could see data flow halted between UK and EU businesses.
In any case, UK businesses have been advised to review whether their methods of cross-border data transfer would need altering if the ECJ ruled against SCCs. In some cases, organisations may need to switch to a UK-based data processor but that could incur a greater cost.