newswire_banner

    Brexit’s Impact on Data Transfers

    Jul 26, 2016

    Britain’s unexpected vote to leave the European Union (dubbed “Brexit”) stifled some of the enthusiasm for the new Privacy Shield agreement reached recently.  At least for U.S. readers, the bigger question may be, “How will Britain’s exit from the EU affect future data privacy negotiations and laws? The U.K.’s exit will take years, most experts say, but when it happens, EU-U.S. agreements may be harder to come by.

    Ryan Costello, operations manager for eTERA Europe, told Legaltech News that "without the U.K., the United States loses the most enthusiastic security partner and intelligence ally that it has in the Privacy Shield negotiations." He said Britain’s absence from any future negotiations may make compromise between the EU and the U.S. more difficult.

    Linda Sharp, associate general counsel of ZL Technologies, concurred. She told Legaltech News that traditionally, “the U.K. has been more surveillance-friendly than the rest of the EU.” Surveillance disagreements between the EU and U.S. stymied Privacy Shield negotiations for a time before the law was finally agreed upon.

    The Brexit vote also affects organizations that opened a European headquarters in the U.K. to meet EU data regulations. "Many multinational companies have looked to the U.K. as their place of preference for hosting EU data whether on premise or in a cloud-based environment," Sharp said. "Although in the short term, I don't see much will change; however, as the exit process materializes, this may create a huge wrinkle in the way that we handle EU data in the future.”

    As for Britain itself, no one knows what to expect in terms of whether it will continue to adhere to EU data rules or create its own. Deema Freij, global privacy officer at Intralinks, said he believes the “U.K. would try to adhere as closely as possible to the GDPR [General Data Protection Regulation]. The rationale being, if there is a full separation in due course, it will be regarded as an ‘adequate’ country from a data privacy perspective by the European Union and would be able to have transfers of personal data to and from Europe without problems.”

    However, he added: “I think we can expect a uniqueness in the U.K.'s own data protection laws, striking, perhaps, a middle-road between the strict requirements of Europe, and the more industry-friendly approach of the U.S.”

    Because the U.K. and the United States have been so close in thinking regarding intelligence and security matters, some experts say Britain may pursue a separate privacy agreement with the United States. “Upon leaving the EU, a separate privacy agreement [with the U.S.] is possible, and would likely not see the roadblocks that the current Privacy Shield arrangement has,” Costello noted.

    Sources:

    SFgate.com
    LegalTechNews.com

    © 2017, ARMA International