THE UK GOVERNMENT has published a new position paper, in yet another attempt to ensure that everything will be tickety-boo, post-Brexit.
It comes after the publication of a proposed a new Data Protection Bill earlier this year, which will act as an 'adequacy agreement', bringing the country's laws in line with the upcoming GDPR. It will also enshrine the right to be forgotten and give end users more control over their online data.
The new bill doesn't deal with the sharing of information, though - and, with the region's data economy (whatever that is) forecast to be worth €643bn by 2020, the UK government doesn't want to lose access to those resources. With that in mind, the government's new position paper details its plans for rules on protecting and exchanging citizens' private information.
After leaving the EU, the UK "will continue to play a leading global role in the development and promotion of appropriate data protection standards and cross-border data flows" (translation: the government doesn't really want anything to change after Brexit).
Data is not only important for security, but for business. More than 40 per cent of the EU's large digital companies were founded in the UK, and 75 per cent of the UK's cross-border data flows are with the European Union.
The UK economy is dominated by service sectors, where data is vital (although as recently as June, the House of Lords criticised the government for its lack of understanding in this area).
Because of the importance of data sharing, to both regions (the EU economy would also be hurt if these data flows were disrupted, the government insists), the government will look for a deal that is different to those the EU already has in place with non-member states.
Although the UK and EU start from "an unprecedented point of alignment", new arrangements will be necessary to govern the continued free flow of personal data. The paper states that these arrangements "could build on the existing adequacy model".
The new "special partnership" (special relationship, anyone?) must:
- Maintain the free flow of personal data between the UK and the EU;
- Offer sufficient stability and confidence for businesses, public authorities and individuals;
- Provide for ongoing regulatory cooperation between the EU and the UK on current and future data protection issues, building on the positive opportunity of a partnership between global leaders on data protection;
- Continue to protect the privacy of individuals;
- Respect UK sovereignty, including the UK's ability to protect the security of its citizens and its ability to maintain and develop its position as a leader in data protection;
- Not impose unnecessary additional costs to business; and
- Be based on objective consideration of evidence.
When the EU considers data-sharing with the UK, it will make its decision partly based on the UK's adequacy: how close the country's own laws align with the European Union's on data protection.
However, the Data Protection Bill, which is intended to be equivalent to the GDPR, will not be considered in a vacuum. Surveillance measures, like the controversial Investigatory Powers Act (or Snooper's Charter) will also be considered. The new paper makes no mentioned of the IP Act.
Critics have already spoken out against the paper, criticising it for lacking detail and for simply restating the same points throughout.
It has its supporters as well, though.
Anthony Walker, deputy CEO of industry body TechUK, said: "The government's paper suggests that they have listened to the tech sector, and the thousands of businesses across the whole economy who rely on data transfers to serve their businesses and their consumers." µ
Welcome to the dystopia Black Mirror warned us about
Microsoft in 'more helpful' shock
A whole new way to be tied to your ISP
Search giant puts Epyc chips at the heart of its datacentre servers