Pressure grows on government to clarify post-Brexit position on UK-EU data flows

The government is coming under increasing pressure to provide concrete assurances that data flows between the UK and EU will be allowed to continue unhindered post-Brexit.

Tech industry stakeholders were holding out hope that the latest draft of the government’s Brexit withdrawal text would offer a glimmer of a formal agreement being struck that would safeguard UK-EU data flows when the UK leaves the European Union (EU) on 29 March 2019.

Published on 19 March 2018, the withdrawal agreement is intended to provide joint guidance, courtesy of the UK and EU negotiating teams, on how discussions between the two groups are progressing, ahead of the UK extricating itself from the EU in a year’s time.

Although the 129-page document lists some draft terms that will come into effect once the 21-month “Brexit transition period” begins on 29 March 2019, it does not cover whether or not the UK will be classed as a “third state” as far as data flows are concerned.  

If the UK is considered a third state between 29 March 2019 and 31 December 2020, when the transition period ends, an adequacy agreement will need to be drawn up to ensure that the free flow of data between the UK and EU can continue during that time.

“The tech sector will be concerned that there remains no formal agreement around the ongoing ability to deliver the free flow of data during the transition period,” said Antony Walker, deputy CEO of TechUK.

“It needs to be clear that the UK is not a ‘third country’ when it comes to free flow of data during the transition.

“Delivering a close ongoing relationship that allows data to flow freely, and giving the information commissioner a role in shaping future changes to data protection rules, must be a top priority.”

The free flow of data is a point the lobbyists at TechUK have been calling for clarity on since the outcome of the EU referendum vote in June 2016.

Indeed, during a speech earlier this month, prime minister Theresa May talked of the importance of having a full-proof data protection deal in place between the UK and EU, post-Brexit, as the “free flow of data” is “critical for both sides”.

During a parliamentary question and answer session on 22 March 2018, Matt Hancock, secretary of state for digital, culture, media and sport, was pushed for details on how prepared the government is for any data protection-related fallouts from Brexit.

Hancock reiterated the government’s commitment to ensuring that the free flow of data between the UK and EU is allowed to continue, once the UK formally extricates itself from the EU, because of how critically important this is to trade.

“The free flow of data is critical for both sides – the EU and the UK – and is at the core of any modern trading relationship,” he said. “That is why we are committed to ensuring that after the UK leaves the EU, we will keep data flows open.”

The lack of clarity on data flows is not just a concern for the tech sector, but could have far-reaching implications for the entire economy, Giles Derrington, TechUK’s head of policy for European exit, told Computer Weekly.

“If you don’t have the free flow of data, then an awful lot of other industries will end up having to spend a lot of time, effort and money resolving issues that are not at the forefront of their concerns at the moment, but would be very quickly if this is not dealt with,” he said.

Although the final version of the agreement is not due until October 2018, time is of the essence when it comes to tying down this issue, said Derrington.

“This has to be prioritised because of how important it is,” he said. “What is key for us is that they have got to land it [the agreement] and finish it quickly because it will potentially complicate the situation between March 2019 and December 2020.”