Some Brexit critics have argued that Brexit will lead to decreased data sharing and threaten our national security.
However, the government has assured that Brexit won’t alter existing data flows.
A recent House of Lords report, ‘Brexit: The EU data protection package’, provides information as to how Brexit could affect existing data and trade flows. It states that cross-border data flows to the UK are extremely important, with trade in services accounting for 44% of the UK’s global exports. Furthermore, three-quarters of the UK’s cross border data flows are with EU member states.
Some of the key findings from the report include:
- The government wants ‘unhindered’ data flows, but the committee “was struck by the lack of detail on how the government plans to deliver this”
- The report recommends the best approach would be an ‘adequacy decision’, meaning Britain is treated as a non-EU member state, following a set procedure with transitional agreements to avoid a “cliff edge”
- Any hindrances to data access could prevent police co-operation e.g. access to the Schengen Information system (SIS II) and the European Criminal Records Information System (ECRIS)
- Laws governing data transfers to non-EU member states mean any changes made to the EU data protection regime “could affect the standards that the UK needs to meet to maintain an adequate level of protection”
- Brexit means that “the UK will lose the institutional platform from which it has been able to influence EU data protection rules”
This reflects some concerns critics have about Brexit. Lord Condon, former MET Police boss, stated in an interview with the BBC that the government needs to “get its act together”. This is because it could become “much more difficult” for police to share data and to access some databases unless transitional agreements are arranged.
Although this might be the case, Brexit won’t affect existing data sharing with NATO, the UN and the FVEY/Fives Eyes Alliance countries of New Zealand, The United States of America, Australia, Canada and Britain. Furthermore, France and Britain share data and co-operate collectively outside of the European Union under the Lancaster House treaties of 2010.
The EU is already in the process of reforming its data protection rules. Said reforms include the Data Protection Directive and the General Data Protection Regulation, focusing on reinforcing individual rights and streamlining international data transfers.
The FT states that “the new rules broaden the definition of personal data to include… IP addresses and mobile phone location”.
The new reforms, set to come into effect in 2018, mean that the UK’s data protection rules cannot stray too far from this policy, or else companies may lose access to personal data from the EU.