UK government seeks early data-sharing agreement with EU ahead of Brexit
Brexit might mean Brexit, but the UK is aiming for common data regulations with Europe
The UK government is seeking an early agreement with the European Union over the establishment of a data-sharing partnership with Europe once Brexit comes into affect.
Despite the triggering of Article 50 to remove the UK from the EU in less than two years time, the government has published a paper entitled "The exchange and protection of personal data", outlines the government's ambition towork closely with Europe when it comes to data-sharingand establish common data protection standards.
"After the UK leaves the EU, new arrangements to govern the continued free flow of personal data between the EU and the UK will be needed, as part of the new, deep and special partnership," the paper explained, noting the government's desire to explore a UK-EU model for exchanging and protecting personal data.
"Early certainty around how we can extend current provisions, alongside an agreed negotiating timeline for longer-term arrangements, will assuage business concerns on both sides and should be possible given the current alignment of our data protection frameworks."
In spite of Britain's attempt to expunge itself from EU law-making and regulatory action, the paper outlines the government's aims to enter a data deal with the EU that's closer than the current deals Europe has with non-EU nations.
At first glance such ambitions would appear to be fairly achievable given Britain has agreed to closely align its data regulations with theEU-wide General Data Protection Regulations (GDPR). However, the EU has yet to consider if the UK's proposal meets what it considers to be adequate levels of data protection such as those offered by the likes of Switzerland and the US and New Zealand in order to facilitate a data-sharing deal once Brexit comes into affect.
Negotiations to been deemed adequate by the EU can be lengthy and the bloc retains the ability to revoke any agreements should it so desire, all of which present hurdles for the government's ambitions for an early pre-Brexit agreement.
The motivation for such a data-sharing partnership in the face of the more isolationist Brexit action is likely down to the fact that the UK's data economy is estimated to have a potential future worth of 240 billion. For the UK's businesses to tap into that wealth, free-flowing data across the EU is seemingly vital.
Anthony Walker, deputy CEO of UK tech industry representative techUK, once more welcomed the government's interest in securing a data-sharing agreement, but also noted it needed to approach such a situation with care and attention.
"While the Government's approach appears to be the right one, securing an adequacy agreement will not be easy. It will require difficult and sensitive issues around the UK's surveillance powers to be discussed between the UK and the EU," he said.
"The experience of the USA in creating the Privacy Shield shows that these issues can be overcome, but doing so will take time and a commitment on both sides to do the hard work necessary to reach an agreement."
Were such an agreement not met, British businesses, particularly those offering digital and data-related services, could be put at a competitive disadvantage to their European counterparts once Brexit is in action. UK police and security services may lose out on intelligence sharing as well, potentially making national security a more challenging prospect.
24/08/2017:UK government set to work closely with EU on data protection post-Brexit
The UK government is planning to work closely with the EU on data protection rules following Brexit, hoping that this will cause minimal disruption for business.
The government is planning to release a paper today to highlight how data will be dealt with between the country and the bloc, including how it will be exchanged and be protected.
"We want the secure flow of data to be unhindered in the future as we leave the EU," Matt Hancock, minister for digital,toldReuters.
"So a strong future data relationship between the UK and EU, based on aligned data protection rules, is in our mutual interest."
He underlined how the digital economy in Britain was worth 118.4 billion in 2015 and that disrupting the free flow of data could affect both the UK and the EU.
"Our goal is to combine strong privacy rules with a relationship that allows flexibility, to give consumers and businesses certainty in their use of data," Hancock added.
Deputy CEO of techUK, Antony Walker, said: "The free flow of personal data across borders is fundamental to trade, commerce and communication. The tech sector, and increasingly every business in the UK that does business internationally, needs a clear legal basis for data transfer post-Brexit.
"We are pleased that the Government acknowledges the urgent need for a solution to this problem or they risk serious harm to both businesses and consumers."
Walker added that it will take time to form an agreement for this arrangement and that it took 18 months for the EU to agree on a similar decision in the past.
Tom Thackray, director of innovation at the CBI, said the paper is a step forward and recognises the importance of having a free flow of data to the UK's economy.
He added: "The strong alignment between British and European data standards opens the door to crafting a robust framework that enables the uninterrupted flow of data. In the short-term, a seamless transition deal is necessary to protect the free flow of information and provide legal certainty to businesses and consumers."
The government has already announced it plans to overhaul the UK's data protection regulations to match UK law with measures being introduced by the EU. These proposals include the "right to be forgotten", where UK citizens can request that companies delete their personal data from any records. The ICO will also be able to issue tougher penalties to companies that mishandle personal data, including the possibility of being fined up to 4% of their global turnover, or 17 million.
This new bill will replace the Data Protection Act 1998, which previously regulated the use and protection of personal data.
Key considerations for implementing secure telework at scale
Identifying the security risks and advanced requirements of a remote workforceDownload now
The State of Salesforce 2020
Your guide to getting the most from SalesforceDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Rethink your cybersecurity strategy for the new world
5 steps to secure the enterprise and be fit for a flexible futureDownload now