The Government should pursue full regulatory equivalence with the European Union for data protection, to ensure unhindered data flows between the UK and EU after Britain leaves the EU, says a Parliamentary committee of peers. That sticking to EU in data protection matters would offer stability and certainty for businesses and maintain police and security cooperation, says the EU Home Affairs Sub-Committee. Among the committee’s members are Lord Condon, a former Metropolitan Police Commissioner.
Although the Government has stated that they “will seek to maintain the stability of data transfers between the EU, Member States and the UK”, little detail has so far been offered on how the Government plans to deliver, according to the report. Without a transitional arrangement, the lack of tried and tested fall-back options for data-sharing in the area of law enforcement would raise concerns about the UK’s ability to maintain deep police and security cooperation with the EU and its member states in the immediate aftermath of Brexit, says the committee.
The sub-committee chairman, the crossbench peer Lord Jay of Ewelme, a former British ambassador to France, said: “The volume of data stored electronically and moving across borders has grown hugely over the last 20 years. Between 2005 and 2012 alone, internet traffic across borders increased 18-fold. The maintenance of unhindered data flows is therefore crucial, both for business and for effective police cooperation.
“The committee was concerned by the lack of detail on how the Government plans to maintain unhindered data flows post-Brexit. It was concerned, too, by the risk that EU and UK data protection rules could diverge over time when the UK has left the EU. To avoid this, the committee urges the Government to secure a continuing role for the Information Commissioner’s Office [the Uk data protection regulator, the ICO] on the European Data Protection Board.”
The report sets out how keeping unhindered data flows with the EU after Brexit could require the UK to continue to align domestic data protection rules with EU rules, that it no longer has a say in setting.
Comment
Detlef Spang, CEO for Data Centre Services at the networks and comms product company Colt, said: “This morning’s report from the House of Lords highlights both the challenges of extracting the UK from European data laws while trying to remain compatible with them, as well as showing how significant the upcoming General Data Protection Regulations (GDPR) will be post-Brexit. GDPR will require cloud-based service providers and storage repositories to provide visibility of network traffic if they are being used to store EU citizen data. It should mean law enforcement agencies are able to achieve an unhindered flow of data with different countries. However, there are questions over how this information will be shared effectively following a country’s withdrawal from EU membership.
“A new Data Protection Bill was proposed for the UK in a recent speech by the Queen. This would seem to tighten regulations on data access, retention and security even further, as well as potentially overhaul the powers of law enforcement and other agencies regarding access to data for investigations. Until negotiations for Brexit are confirmed, data centre providers must continue to provide low-latency, high-performance solutions to ensure seamless operations.”
