AI, EU and Future Data Protection Regulations in the UK

Will the United Kingdom move away from GDPR after Brexit?

Alex Moltzau
3 min readSep 25, 2020

Clearly UK had been experiencing a decreasing trust from Brussels after their decision to no longer be a member state of the EU. This has not been improved by the recent intention of the UK government to break international law.

A memorable moment was when the Northern Ireland secretary, Brandon Lewis told the House of Commons:

“Yes, this does break international law in a very specific and limited way. We’re taking the powers to disapply the EU law concept of direct effect … in a certain very tightly defined circumstance.”

This was pertaining to the withdrawal agreement that had been signed with the EU.

Sadly, taking these kinds of actions sets a worrying risk of having a government that fails to uphold their commitments and agreements.

It is therefore with a justified scepticism that we can begin to consider how digital regulation will be in the UK going forward.

On the 25th of September 2020 Daniel Boffey wrote an article about the outline of a new data law talked about by Dominic Cummings.

According to Boffey’s article Cummings is proposing a: “… radical “pro-tech” plan… to rewrite Britain’s data protection laws”

Brussels has warned this is an endangering future cooperation with the EU worth billions to the British economy. It could be dangerous to trade.

The UK government has proposed a national strategy with a promise of transformation.

This comes as a sensitive time with the continued flow of data between the UK and EU member states in question, especially after recent statements from Facebook.

One big question for the European Commission is:

  • Will UK laws be in line with the EU’s general data protection regulation (GDPR) and law enforcement directive after 1 January 2021?

This is important to the EU due to the flow of data and law enforcement.

According to the article by Boffey it is clear UK has a lot to gain from this being a smooth process, as their exports of data-enabled services are substantial.

“The government estimates that EU exports to the UK of data-enabled services were worth approximately £31bn in 2017 while UK exports of data-enabled services to the EU were worth around £80bn in 2017.”

Amid the uncertainty, the recent strategy paper seeks to:

  1. Remove “legal barriers (real and perceived)” to data use.
  2. Encourage international sharing.
  3. Deliver a “radical transformation of how the government understands and unlocks the value of its own data”.

UK applies EU data protection in the transition period.

The UK applies EU data protection rules during the transition period, but will it do so afterwards?

It can certainly change in the future.

Rules on international transfers could be different.

It is important to consider developments also outlined in Boffey’s article:

“In July, the Luxembourg court made the transfer of personal data to the US from the EU almost legally impossible due to the intrusive nature of surveillance programmes undertaken by the US intelligence agencies and the lack of redress for EU citizens.”

How can Brussels be sure UK will recognise these implications?

After all UK companies will likely be handling European data.

Will UK move away from EU’s “gold standard” GDPR?

What are the regulatory intentions and possible implications?

Dominic track record in recognition of these challenges are not exactly impressive.

“Two years ago, Cummings, who championed vast data collection by the Vote Leave campaign during the Brexit referendum campaign, described the EU’s GDPR as “horrific”. One of the many advantages of Brexit is we will soon be able to bin such idiotic laws,”

With this kind of leadership it is hard to see how UK can bring forward a better deal for their citizens relating to a fair deal regulating technology.

This is #500daysofAI and you are reading article 479. I am writing one new article about or related to artificial intelligence every day for 500 days.

--

--

Alex Moltzau

Policy Officer at the European AI Office in the European Commission. This is a personal Blog and not the views of the European Commission.