techUK Supports House of Lords Call for Data Adequacy
The House of Lords EU Home Affairs Sub-Committee report has acknowledged the importance of maintaining unhindered data flows between the UK and EU.
Following an inquiry into the EU Data Protection Package, the House of Lords EU Home Affairs Sub-Committee has acknowledged the importance of maintaining unhindered data flows between the UK and EU.
The House of Lords EU Home Affairs Sub-Committee yesterday published its report into Brexit and the EU Data Protection Package. The inquiry looked into four elements of EU Data Protection rules: The General Data Protection Regulation (GDPR), the Police and Criminal Justice Directive (PCJ), the EU-US Privacy Shield and the EU-US Umbrella Agreement.
techUK’s Deputy CEO, Antony Walker, provided evidence to the Committeeduring its inquiry and is heavily quoted in the Committee’s report.
The report sets out key changes ahead in EU Data Protection rules and the consequences Brexit will have for the UK and EU’s relationship on data protection matters. Most importantly the report looks at the impact Brexit will have on data flows between the UK and the EU. The Committee also looks into the impact on data sharing agreements with other third countries, such as the US.
The Government has already confirmed a desire to see continued unhindered data flows between the UK and EU post-Brexit and have committed to implement GDPR through the Data Protection Bill to help achieve this. The House of Lords report, following evidence from techUK, has called for that to be achieved through an adequacy agreement, recognising the burdensome and expensive nature of the alternatives.
In assessing the implications of Brexit on data protection, the Committee has also considered the possibility of future divergence from GDPR in the UK and the future role of the ICO on the international stage.
Some of the key conclusions and recommendations from the report are:
- “We [...] recommend that the Government should seek adequacy decisions to facilitate UK-EU data transfers after the UK has ceased to be a member of the EU. This would provide the least burdensome and most comprehensive platform for sharing data with the EU, and offer stability and certainty for businesses, particularly SMEs.
- “We urge the Government to ensure that any transitional arrangements agreed during the withdrawal negotiations provide for continuity of data-sharing, pending the adoption of adequacy decisions in respect of the UK.
- “Although there are alternative mechanisms to allow data to flow out of the EU for commercial purposes, these are sub-optimal compared to an adequacy decision, and may not be available to some types of companies, for instance small companies or those dealing directly with consumers. Some are also currently subject to legal challenge, notably the Schrems II case against Standard Contractual Clauses, underlining the need for a transitional arrangement.
- “There is no prospect of a clean break: the extra-territorial reach of the GDPR means that the legal controls placed by the EU on transfers of personal data outside its territory will apply when data is transferred from the EU to the UK, affecting UK businesses that handle EU data.
- “The UK has a track record of influencing EU rules on data protection and retention. Brexit means that it will lose the institutional platform from which it has been able to exert that influence. It is imperative that the Government considers how best to replace those structures and platforms in order to retain UK influence as far as possible. It should start by seeking to secure a continuing role for the Information Commissioner’s Office on the European Data Protection Board.”
Commenting on the publication of the report, Antony Walker, Deputy CEO techUK, said:
“We welcome the Committee’s report and assessment that an adequacy decision is the best option available to achieve the Government’s aim of unhindered data flows between the UK and the EU post-brexit. As the Committee has recognised the importance of cross-border data flows to the UK cannot be overstated, and they matter to organisations of every size and sector. As the UK embarks on ambitious plans to establish trade deals across the globe, the ability of data to flow in a frictionless way will be crucial. The free flow of data is fundamental to the UK and EU’s modern digital economy and ensuring a robust and secure mechanism is in place to allow data flows to continue from the moment the UK leaves the EU must be a priority in Brexit negotiations.
“We also welcome the Committee’s recognition of the important role the ICO plays in Europe and support the Committee’s recommendation that the ICO should be able to continue to participate in the European Data Protection Board once it is established.
“techUK was pleased to provide evidence to the Committee’s inquiry and stands ready to assist as these importance issues are negotiated.”
Latest News from
City AM & Bird & Bird | Digital Innovators Network20/09/2017 12:15:00
City AM and Bird & Bird's Digital Innovators Power List will celebrate and showcase 50 of the UK's most innovative digitally-led companies.
Sir Michael Fallon’s Address to DSEI – techUK View19/09/2017 15:43:00
techUK assesses the Secretary of State's speech on technology deployment and future procurement.
#techUKPS2030: The Future of Policing & Public Safety18/09/2017 16:15:00
A summary of the Digital Policing and Public Safety panel at PS2030, sponsored by InterSystems.
Data Protection Bill Begins its Journey in House of Lords15/09/2017 14:25:00
The path to implementing the General Data Protection Regulation (GDPR) into UK law has begun.