The House of Lords urges UK to maintain data transfer flows with EU after Brexit

iStock credit: fotobauer

The UK government’s security standards could be weakened if transfer flows between the UK and EU are weakened following Brexit.

This is according to the Lords Select Committee, which has released a report looking at the revamp of the trade bloc’s data protection standards and how these could impact data transfer between the two parties.

Leaving the EU could mean the UK overhauling the General Data Protection Regulation, the EU-US Privacy Shield and the EU-US Umbrella Agreement and the Police and Criminal Justice Direction (PCJ Directive). 

Although the UK government has explained it wants to maintain unhindered data flows, the Lords Committee is concerned about the lack of detail over how it intends to remain part of these laws. 

The group has warned that any post-Brexit agreement could result in greater tension around UK-EU data flows and present barriers to trade, potentially placing the country at a competitive disadvantage.

To make sure the UK stays competitive, the committee has warned against relying on contractual clauses and recommends adequacy agreements. 

However, Stewart Room, PwC’s global data protection legal services leader, noted that only 11 jurisdictions have adequacy agreements in force. 

Mr Room is concerned that this could lead to a potentially lengthy process, and he wants to see negotiations provide more certainty in the situation.

The report explained: “Legal controls on the transfer of personal data to non-EU countries mean that any changes in the EU data protection regime could affect the standards that the UK needs to meet to maintain an adequate level of protection.”

While Brexit could mean the country losing its influence on EU data protection laws, the Lords Committee recommends working on a continuing role for the Information Commissioner's Office on the European Data Protection Board.

As the ramifications of Brexit still remain unclear, it is crucial that data transfer is taken seriously to reduce the threat of cyber crime.