British data protection laws to stay 'aligned' with the EU's after Brexit

British data protection laws will stay closely aligned with the EU’s after the UK leaves the Union, the Government has hinted.

In its latest working paper set to be released on Thursday, the Department for Exiting the European Union will outline proposals to allow personal data to continue to move back and forth between Britain and the EU in a “safe, properly regulated way”.

Officials say arrangements for data protection after Brexit would be about providing “continuity” with the current rules – hinting that little is likely to change – and that Britain could in fact work “more closely with the EU”.

Commenting ahead of the release of the paper, business groups said Britain already had “deep integration” with the EU on data protection and argued that a “deep level of regulatory cooperation” could continue in this area.

Minister for Digital Matt Hancock, said: “In the modern world, data flows increasingly underpin trade, business and all relationships. We want the secure flow of data to be unhindered in the future as we leave the EU.

“So a strong future data relationship between the UK and EU, based on aligned data protection rules, is in our mutual interest.

“The UK is leading the way on modern data protection laws and we have worked closely with our EU partners to develop world leading data protection standards.

“The paper published today sets out how we think our data relationship should continue. Our goal is to combine strong privacy rules with a relationship that allows flexibility, to give consumers and businesses certainty in their use of data.”

Allie Renison, head of EU and trade policy at the Institute of Directors, said: “The IoD agrees with the Government that our shared starting point and deep integration with the EU on data flows should make reaching a short-term agreement easier to negotiate.

“This is a future partnership paper but it talks about proposing arrangements for data-sharing that would reflect replicating regulatory standards at the point of exit, so we hope the paper distinguishes between interim and long-term arrangements. The latter will be harder to work out with respect to whether we do or don’t agree on maintaining data protection alignment with the EU.

“The easiest way of ensuring this is to prioritise an adequacy assessment for the interim period (not a complicated “unique model”, as that is for the longer term), and the Government should make clear whether this is its preferred option for governing data flows on Brexit day or not, given the time pressures of Article 50. “For the longer term, a new treaty or mechanism to manage this could work, but only if it is based on a deep level of regulatory cooperation that would need to be put in place to manage data flows.”

“It is crucial that businesses are not left relying on standard contract clauses to deal with managing data flows after Brexit. It is the responsibility of the UK and the EU to come to an agreement on this, rather than transferring the onus of compliance requirements onto companies.”