From Jim Killock
How can you oblige Britain to change its laws without first asking Parliament? Well, there is an obvious way: put them in a trade deal.
The UK-Japan deal recently negotiated by Elizabeth Truss obliges the UK to weaken data transfer restrictions by accepting lower data protection standards. These commitments are in line with other trade deals the government is seeking to sign. However, this strategy has never been voted on, analyzed or even explained to Parliament.
The government impact assessment has only two lines on data transfer. They only describe what is intended and do not provide an impact analysis. This is the sad level of information that No. 10 has made available to Parliament and the public.
This is a very powerful test of Parliament. The procedures for trade agreements have rightly been criticized as they give Parliament a very weak role in the negotiations. They have no prior view of documents, they do not set the negotiating mandate, they can only potentially vote on the material result. Now we are finally seeing this result. How will Parliament react? Will Backbench MPs, the Opposition, and the Lords hold the government accountable?
The first thing Parliament needs is information that has been rejected. With regard to digital data protection, scientists warn that the agreement provides for weaker protection for data transmission. This is in line with the government’s desire to join the comprehensive and progressive Trans-Pacific Partnership Agreement, which has similar standards. In the worst case scenario, these agreements could lead to a mess of double standards for data in the UK or a loss of adequacy with Europe. Neither would be good for business, let alone privacy.
We need to know what convergence towards lower transfer standards means for consumers. Are their rights being weakened? How would problems be resolved? Does the government have any assessment of these issues? If so, why are they not available and are included in the impact assessment?
‘Navigating multiple, potentially conflicting regimes of regulation is not an easy task,’ wrote researchers at the UK Trade Policy Observatory recently, ‘and careful analysis of how best to do this and the implications of moving away from the EU approach is required . What’s this?” The impact of the new UK and Japan rules on data protection and privacy, and on an EU adequacy decision? The answers are far from obvious, much is at stake and the government’s approach needs to be carefully analyzed before the UK and Japan deal is ratified. “
Our current standards, which have their origin in the EU, state that only countries with a high level of data protection can be classified as secure. They are there to protect consumer privacy. Deviating from them to a more casual American model is a disastrous decision. Even the US Congress believes US law is cruel and there is a cross-Atlantic urge to provide a basic safety net for privacy.
Digital data protection is not the only danger area. There are also restrictions to prevent algorithmic transparency, deny access to source code and make the protection of online platforms from liability dependent on the enforcement of copyright. There are safeguards for “technical safeguards” that can affect the right to repair your own equipment.
Answers are needed in all of these areas. Instead, the government is effectively telling us to look the other way. It doesn’t have to be like that. Downing Street can try to freeze items in the deal or even bring them back into the status quo of the EU-Japan deal. This doesn’t have to be an accomplished fact. But Parliament must act now if it is to be stopped.
Jim Killock is the executive director of the Open Rights Group. You can follow him on Twitter here.
The opinions expressed in the “Comments and Analysis” section of Politics.co.uk are those of the author and do not reflect the views of the website or its owners.