Tech industry urges UK government to align with EU data regulations beyond Brexit

Written by David Adams

Two major technology industry organisations have pressed UK government ministers on the need to maintain alignment between data privacy laws and regulations in the UK and Europe after Brexit. A letter sent from techUK CEO Julian David and the Information Technology Industry Council CEO Dean Garfield to international trade secretary Liam Fox stressed the need for the UK to continue to comply in full with the EU General Data Protection Regulation (GDPR) after Brexit.

One of the most important reasons why regulatory conditions need to remain aligned is to ensure data transfers between the EU and the UK will continue to be permitted over the longer term. The letter from the two organisations points out that the UK is responsible at present for 11.5 per cent of global data flows, a prominent position due in part to its position between the US and mainland Europe.

David and Garfield said that the UK had the potential to retain its current “coveted” position as a valued location for global technology firms post-Brexit, but that to continue to do business internationally, companies needed “legal certainty, clarity and consistency”.

“We would caution against the misunderstanding that adherence to the EU data protection regime is incompatible with securing high quality trade agreements that promise open trade and investment, ensure free cross-border data flows and respect high levels of data protection,” David and Garfield wrote.

At the weekend, Prime Minister Theresa May told a security conference in Munich that the government intended to keep UK policy in line with EU data protection standards, but that she wanted to seek “a bespoke arrangement to reflect the UK’s exceptionally high standards of data protection”. However, her speech provided no further details as to how such an arrangement might work in practice.

In a worst-case scenario, in which the UK and the EU fail to define an agreement on data sharing post-Brexit, the UK would have ‘third country’ status from March 2019, meaning the EU would no longer assume the UK could offer sufficient safeguards to protect personal data relating to EU citizens.