Theresa May’s speech to the Munich Security Conference this weekend may have been noticeable for its promise of continued military and policing co-operation, but it has also been welcomed by the UK’s finance and tech industries for another reason; the Prime Minister’s approach to data security and sharing.
Having addressed the physical aspects of security co-operation, including continuing programs on counter-terrorism and extradition, Mrs May moved to the issues of cyber-security and data protection and sharing. Referring to last year’s NotPetya attacks, the PM pledged that the UK would work closely with the EU “to defend our interests in cyber space”. She also stressed the importance of data-sharing to law enforcement co-ordination, allowing police and intelligence services to continue sharing evidence after Brexit.
This emphasis was welcomed by TechUK, a trade body, who’s CEO, Julian David, called for a close relationship to combat terrorism, smuggling and cyber-threats. “Critical to delivering this partnership is securing cross border data sharing between law enforcement, security and intelligence agencies. It is very welcome that the Prime Minister was so clear on the importance of data sharing. Many of the threats we face do not recognise national borders, so it is in the manifest interests of both the UK and the rest of the EU that these agencies are able to share information on threats across borders quickly and efficiently,” he said.
The PM also drew praise from the UK’s business community for her approach to joint data protection and data sharing. Referring to the Data Protection Bill currently before Parliament, which will implement GDPR in domestic law, Mrs May pointed to the UK’s historically high standards of data protection. “We envisage an ongoing role for the UK’s Information Commissioner’s Office, which would be beneficial in providing stability and confidence for EU and UK individuals and businesses alike,” she told the conference.
Many people have interpreted this as a promise to continue close alignment with the GDPR standard after the UK leaves the EU in 2019, which would ease business relationships with the continent. Stephen Jones, chief executive of UK Finance, which represents the financial services industry, welcomed the prospect, saying: “Every day millions of consumers and businesses in Europe rely on the free flow of personal data across borders. It is crucial an agreement is reached that allows these vital data transfers to continue along with high standards of data protection.”
Julian David agreed with UK Finance’s position and particularly welcomed the prospect of the ICO continuing to lead co-operation. “We are glad to hear that the Government is ready to begin work on this with the Commission now. This work will be crucial to ensure businesses have clarity and certainty that the UK’s position as a global hub for data flows continues,” he said. Even in the absence of the Prime Minister’s planned treaty, many UK firms will need to comply with GDPR after 2019, as its rules apply to any organisation handling the data of EU citizens, but a close alignment will allow for easier cross-border trade.