The UK wants a seat at discussions on data protection in the EU after it leaves the bloc
By Lucy McNulty
UK negotiators will push the European Union to recognise its data protection rules as equivalent to those in operation in the bloc as early as possible in Brexit talks, according to a government paper published today.
The paper is the latest in a series of documents released by the UK government this month, outlining how it would like its future relationship with the EU to develop.
The paper – which depicted how the government would like the exchange and protection of personal data to develop post-Brexit – said continued regulatory cooperation between the UK and the bloc would avoid “economically costly” disruption in cross-border data flows.
From May 2018, institutions will have implemented new European data protection rules. Known as the General Data Protection Regulation, the EU regime will require European businesses to apply rigorous standards of privacy to the collection and storage of personal data.
Under GDPR, City firms must keep records of all client data, be able to prove that consent was given to use that data, show what the information is being used for, how it is being protected and raise the alarm when a breach of data security has occurred. Failure to do so could see firms fined up to 4% of their global annual revenues or €20m — whichever is the greater.
READ London’s business tsar urges Brexit rethink
After the UK’s exit from the bloc, in March 2019, the rules will continue to apply to its firms, the paper said, adding that a decision could then be followed by “new and more permanent arrangements”.
“The government believes it would be in the interest of both the UK and EU to agree early in the process to mutually recognise each other’s data protection frameworks as a basis for the continued free flows of data between the EU…. and the UK from the point of exit,” the paper said.
Such recognition will have to be determined by the European Commission in a so-called adequacy decision. Whether or not the Commission will grant it remains up for debate, but the government believes it is a strong position to secure it.
The paper also called for “an ongoing role” for the Information Commissioner’s Office, the UK’s data protection regulator, in EU gatherings to ensure it continue “to be fully involved” in the “regulatory dialogue”.
UK digital minister Matt Hancock said in a statement today that “a strong future data relationship between the UK and EU, based on aligned data protection rules, is in our mutual interest”.
He said: “Our goal is to combine strong privacy rules with a relationship that allows flexibility, to give consumers and businesses certainty in their use of data.”
Previous papers this month have stipulated how the UK would like judicial cooperation with the EU, official document confidentiality and access to the European customs union to evolve post-Brexit.