EU lead on Brexit sounds new data warning

Michel Barnier says UK will have to abide by EU standards on exchange and protection of personal data

The EU’s chief Brexit negotiator has pointed to the need for “strict rules” over the transfer of personal data as a key obstacle to Theresa May’s hopes of a wide ranging exit deal.

Michel BarnierMichel Barnier (pictured) dismissed the prime minister’s suggestion of “mutual recognition” of standards, insisting that Brussels alone would decide if the UK’s procedures were acceptable.

“Take the case of personal data: all economic sectors work with personal data, ranging from the financial sector, to the health industry and to the transport sector,” Barnier said, as he warned of a Brexit impasse.

“In the single market, we have a modern and very detailed regulatory framework that allows for the free movement of personal data.

“This facilitates the collection and exchange of such data. It also provides for supervisory mechanisms, overseen by the court of justice of the European Union.”

Leaving the framework

Barnier said the UK would be leaving “this regulatory framework” – which meant no data transfer unless it received an EU “adequacy decision”.

“This is an autonomous EU decision. There can be no system of mutual recognition of standards when it comes to the exchange and protection of such data,” Barnier insisted.

He added: “In the future, the transfer of personal data from the EU to the UK will be subject to strict rules.”

The UK Government has taken a significant step with its agreement that it will abide by the General Data Protection Regulation – due to come into force in May – after Brexit. But there are other impediments in store.

In her Brexit speech on Friday, the prime minister expressed a wish for “reciprocal binding commitments” in the withdrawal agreement to cover data protection. But the swapping of data, including vital intelligence information, is threatened by her insistence that the UK will, at some point during a two-year transition period, end jurisdiction by the European Court of Justice (ECJ).

Need for approval

Without a separate deal, it will take up to three years after Brexit for Britain - as a third country - to receive EU approval for data to be freely exchanged. Even that is threatened by the EU court ruling that UK data retention rules, under the so-called ‘snoopers’ charter’, are illegal.

The situation partly explains a warning last month by defence think tank the Royal United Services Institute (RUSI) that Brexit could seriously undermine European security. The UK is set to drop out of cooperation mechanisms on foreign, security and defence policy – as well as data transfer – on Brexit day next March, it said.

Image from European Commission