This article is more than 1 year old

UK.gov is ready to talk data safeguards with the EU – but still wants it all

Look at our information protection laws and well-resourced watchdog

The UK government has insisted it's in the European Union's best interests to grant it a souped-up agreement on the protection and sharing of personal data post-Brexit and wants to start talks now.

In the long-awaited Brexit white paper – over which two secretaries of state have resigned – the government outlined its new, softer approach to departure from the bloc.

Published today, it is being debated in the House of Commons this afternoon but its introduction was met with chaotic scenes as MPs protested that they didn't have copies of the paper (PDF). The session had to be suspended less than two minutes into newly appointed Brexit secretary Dominic Raab's speech while printouts were passed round.

The document is split into four sections: proposals for an economic partnership, including frictionless customs arrangements and new arrangements for technologies; proposals for security, covering continued participation in key agencies and wider cooperation on cyber security; plans for further areas of cooperation; and for institutional arrangements.

Adequacy deal is a 'starting point'

Having been criticised for its previous lacklustre statements and slow prep on data flows post-Brexit, the government put a lot of emphasis on data exchange and data protection in the document.

It warns that disruption in cross-border data flows would be "economically costly" and risked creating "unnecessary barriers, such as the unjustified localisation of data" that could damage business. Similar statements are made for law and security databases.

The government also insists, as expected, that it sees the EU's usual adequacy agreement – which the bloc has with 12 countries, in addition to two partial agreements – as "the right starting point" but that it should "go beyond the framework".

This includes that the UK should be allowed to leave the EU while effectively staying in its members' clubs – a common theme throughout the document, which refers to the European Data Protection Board in the context of data flows.

Michel Barnier, chief EU Brexit negotiator

Chief EU negotiator tells UK to let souped-up data adequacy dream die

READ MORE

This is in spite of missives from the EU's chief negotiator Michel Barnier, in which he has repeatedly said the EU "cannot, and will not" share its decision-making powers with a third country.

In a possible bid to win over such opinions, the government said that wherever the UK participates in an EU agency, it will respect the remit of the Court of Justice of the European Union.

And for data protection, the UK tried to sell it as beneficial to the EU, noting that the Information Commissioner's Office is an "internationally respected, influential and well-resourced regulator".

Meanwhile, access to the one-stop-shop mechanism – which allows organisations to deal with just one authority – would "avoid unnecessary complexity and duplication" and ensure EU citizens could enforce their rights across borders.

At the same time, it tries to downplay the challenges in achieving a quick adequacy deal by highlighting the fact the UK and EU "start from a position of trust" in that much of the GDPR is mirrored in the UK's new Data Protection Act.

The government also appeared to recognise public concerns that Brexit negotiations need to start in earnest very soon in order for there to be no data "cliff edge", saying it was "ready to begin preliminary discussions on an adequacy assessment so that a data protection agreement is in place by the end of the implementation period at the latest".

However, it isn't clear what the EU's position on this would be, as Barnier has previously said that "such a decision can only be taken once we are able to assess the new UK legal framework".

We'd double your DNA database

The document makes similar requests for the UK to remain half-in and half-out of agencies like Europol and Eurojust and various security and law enforcement databases, including those for DNA, fingerprints and airline passenger information.

Continuing with the theme of thinly-veiled threats and bribes, the government said that "without the UK's participation in, and contribution to, these data exchange tools, there would be a significant loss of capability" that would reduce the EU's ability to protect EU citizens and track terrorist networks.

Similarly, if the UK were given access to the EU's Prüm DNA exchange tool, its five million DNA profiles "would nearly double those currently available".

The document also stressed the increasingly online nature of crime, saying that "malicious cyber activity knows no international boundaries and has grown in terms of intensity, complexity and severity over the course of the last year" and called for increased cooperation in this area.

Elsewhere, the government confirmed the UK will leave the Digital Single Market and proposes joint commitments to an "open and liberalised electronic communications sector" for UK and EU businesses to access public telecoms services and networks.

It also moots the idea of developing new arrangements for technologies such as artificial intelligence, noting that they are vulnerable to non-tariff barriers.

"New and emerging technologies are also creating new and shared challenges," it said. "The UK therefore proposes exploring new models for regulatory cooperation between the UK and the EU to tackle these shared challenges and advance shared objectives in the future." ®

More about

TIP US OFF

Send us news


Other stories you might like