The government has laid out its vision for a data sharing pact between the UK and the EU after Brexit.
The proposals are designed to ensure that personal data can continue to be shared between the two jurisdictions “in a safe, properly regulated way”.
Under the plans, the Information Commissioner would remain involved in regulatory discussions and the UK and EU would recognise each other’s data protection rules.
It is feared that if the UK leaves the EU without a data-sharing pact in place, British companies will be burdened with costly requirements to prove that they handle EU citizens’ data in a way that complies with EU law.
“In the modern world, data flows increasingly underpin trade, business and all relationships,” said digital minister Matt Hancock. “We want the secure flow of data to be unhindered in the future as we leave the EU.”
Many in the industry think that securing such an agreement should be a top priority for government as it negotiates the terms of Brexit.
Antony Walker, the deputy CEO of industry body techUK, said he broadly welcomed the proposals.
“We’re pleased that there is recognition of the significance of the issue, that international data transfers really do underpin our ability to trade and do business with other countries,” he told NS Tech.
He said that the paper is good on what the government wants to achieve, but that more detail is needed on how they will achieve it: “On the EU side, I think they will be very pleased that the UK is committing to very strong implementation of GDPR. I think that’s a positive thing.”
But he added: “In order for the European Commission to determine whether the legislation is adequate in ensuring the protection of citizen’s data, they have to look at the whole legal and regulatory framework. The UK’s security legislation comes within the scope of that evaluation.
“That will inevitably lead to some pressure from some who think that is too far reaching to question whether that is in fact compatible with EU data protection law.”
However, Walker was optimistic about the chances of achieving a deal that would pass the Commission’s adequacy standards. “If you look at the fact that the EU managed to negotiate the privacy shield agreement with the US, that I think is evidence that these issues can be worked through.”