Industry Trend Analysis - Quick View: Data Protection Not The Main Issue In Future UK/EU Agreement - APR 2018
BMI View: Data protection will not be the main issue in a future trade agreement between the UK and the EU. The UK is looking to retain the same authority with regards to the GDPR post-Brexit, and while we expect an adequacy deal to be agreed, a role for the ICO will depend on agreements on more important issues.
The Latest: In her speech on Friday 2 March, British Prime Minister Theresa May set out five foundations that must underpin the future trading relationship between the UK and the EU, once the UK has withdrawn from the bloc. One of these five foundations is the need for a data protection agreement, with May looking for the Information Commissioner's Office (ICO), the UK top data protection authority, to retain a role post-Brexit.
Implications: The UK is looking to keep an active role in the application of the General Data Protection Regulation (GDPR), which will become applicable in May 2018. This means the UK will leave the EU in a state of regulatory convergence, and wants to ensure it remains strong player in the digital industry post-Brexit, with the ICO retaining its authority as a One-Stop Shop. This goes beyond a more basic adequacy agreement between the UK and the EU, where the UK will be considered a third-party. While there is broad agreement between the UK and the EU in terms of data protection, an increased role for the ICO, an external data protection authority, will be key for the EU in terms of a trade agreement.