Trade body leader Julian David writes to international trade secretary Liam Fox to argue that the UK must adhere to data-protection rules to remain a tech-industry leader
Credit: niroworld/Adobe Stock
The chief executive of UK technology industry association techUK has written to international trade secretary Liam Fox to “caution against the misunderstanding that adherence to the EU data-protection regime is incompatible with securing high-quality trade agreements”.
The EU General Data Protection Regulation passes into law in the UK on 25 May. After the country exits the European Union, to maintain its position as a singularly attractive location for investment by technology firms, the UK must ensure it implements the measures laid out in GDPR, the letter says.
The country must also “negotiate a data-flows relationship with the EU based on adequacy”, adds the letter, which is co-signed by techUK chief Julian David, alongside Dean Garfield, CEO of the Information Technology Industry Council (ITI), a global body headquartered in the US.
Such a relationship need not come at the expense of trade deals that are beneficial for the UK, the letter says, pointing to the example of the EU-US Privacy Shield agreement. This arrangement has not prevented the US from “negotiating high-standard trade agreements that provide strong privacy protections”, according to the missive.
The letter asks that Fox remains cognisant that, not only can the UK continue to implement GDPR during Brexit talks, it “can do so consistently with the obligations that it may assume in future free-trade agreement negotiations”.
- EU approves Privacy Shield deal between member states and US
- TechUK creates Brexit advisory panel
- Interview: techUK head on the ‘leaders and laggards’ of government digital transformation
David and Garfield believe that “post-Brexit, the UK has the potential to continue to hold [its] coveted position” as a key location for international technology firms. But, “to do business internationally, companies depend upon legal certainty, clarity, and consistency”, the letter says.
“The digital world is continually evolving and countries, including the UK and EU, will have to ensure they strike the right balance in protecting their citizens’ data and positioning themselves to benefit from and lead in the development of emerging technologies,” David and Garfield say.
They add: “Given the importance of this issue to all our members, we would be keen to work with you to ensure that the UK’s strong data protection framework can be an enabler for 21st-century digital trade agreements.”
The letter also includes a copy of the No interruptions report from techUK and finance industry body UK Finance. The report examines the options for data-sharing between the UK and the EU in a post-Brexit world.
GDPR will unite all 28 member states under a single piece of data-protection legislation, making it easier to share information between entities in two nations. But, once the UK departs the European Union, UK firms processing EU data will need alternative arrangements to ensure the security and legality of their actions – perhaps an agreement in the vein of the Privacy Shield.
“Unless agreed otherwise by the EU and the UK, at the end of March 2019, the UK will become a ‘third country’ for data-protection purposes,” the report says. “This means that, from that date, the UK will be a location which is not deemed by the EU to automatically offer sufficient safeguards and protections for EEA personal data, and further steps will need to be taken by EEA exporters of personal data to ensure such data flows may continue on a lawful basis.”