It would greenlight the transfer of UK data to other member states
Well, it would then seem that the simplest way to achieve legal certainty is to do that ASAP.
The UK government has told companies to start drawing up standard contractural clauses for data transfers in case of a no-deal Brexit. The warning comes in latest batch of technical notices released to allow organisations to prepare for the event it doesn't manage to negotiate exit terms with the European Union before March …
No one's.
It is a consequence of an idea.
The idea that "Brexit means Brexit," despite no one having a f**king clue what that tautology actually meant
But they are starting to get a clue now.
And I think most people have found they don't like it.
Too bad those banjos didn't realize they were being played when they voted for it.
"The UK government has told companies to start drawing up standard contractural clauses for data transfers in case of a no-deal Brexit."
At least, there is good news, here: the 2 years long denial period is over and hopefully the UK businesses will be able to organize themselves.
So much time lost for something unavoidable.
Umm, if this is correct (and it's not an area I have any knowledge on) and as much as I disagree with Brexit the UK negotiators are clearly deficient in _not_ using this leverage. The amount of pain the UK can cause to the entire EU in this modern data centric world by appropriate control of this connectivity is, quite simply, breathtaking. Granted the leverage would be only until an alternative route was found but I can't imagine that could happen in anything less than years maybe?
"the UK negotiators are clearly deficient in _not_ using this leverage. The amount of pain the UK can cause to the entire EU in this modern data centric world by appropriate control of this connectivity is, quite simply, breathtaking."
Another miscalculation?
Consider:
UK: We're blocking your data flow. Do what we want or else!
EU. Oh. I guess we'll block your food, fuel, air traffic, raw materials, sale of goods and services, and travel. Have a nice day. Call us when you've thought this through.
> IIRC all the N. America - Europe cables go through Britain except for the ancient FLAG1 and a couple of cold war era cables to Iceland
Submarine Cable Map suggests otherwise.
There are only a couple of new cables, the new Microsoft/Google link to Spain and the Vodafone one to France.
Remember that the cables that land in Britain and then go to the continent all go through switches in the UK and then back out - they will count as a data transfer to the UK and be subject to "5-eyes" intercepts
UK.gov tells companies to draft contracts for data flows just in case they screw up Brexit
The UK government has told companies to start drawing up standard contractural clauses for data transfers in case of a no-deal Brexit.
in case????
I had an inkling this wasn't going to go well from the start, every news item comes out only seem to add certainty, even if the entire party was behind getting a deal.
As to sticking to EU compatible legislation, the UK can't even reliably stick to the sentiments of an enlightened liberal western civilisation without the trappings of a paranoid police state creeping in whenever a bill is involved.
What exactly do these new contracts look like?
Dear UK customer, G*d knows the rules will be next March - suck it up, it's not like you have a choice anyway.
Dear Eu customer, we don't know if we will be GDPR compliant, so it might be illegal for you to use us as a supplier. But don't worry we hope to have an answer in 2 years (hopefully).
No, so long as the UK continues to implement the GDPR and follow the GDPR rules on privacy, there is no requirement in the GDPR to follow other EU privacy laws. The GDPR was written so that non-EU countries could join and become GDPR nations, the US could become a GDPR nation if it wanted to and it would only have to adopt the GDPR, not any other EU privacy laws.
Does this mean that Cloud Providers would need Data Centres in both the UK and in the EU to ensure data stays within bounds?
Oh, and (slightly off-topic) it looks as if EU domains will be revoked, according to an email I've seen from 123-reg, There was a thread on this forum about this, and the T's&C's at the time seemed to indicate this was a non-problem. Seems like this issue has re-surfaced.
No they only need them in the Eu. UK data centers won't be allowed for Eu citizen's data but the UK will be in no position to make any demands of the American social media giants so they will be able to put UK customer data anywhere they want.
The Eu is fine with data for RoW users being processed in the Eu without the GDPR applying.
This is an extraordinary piece of guidance - fundamentally flawed because:
[1] standard contractual clauses are standard precisely because they are not drawn up by individual companies but are nationally defined by the Supervisory Authorities as a standard to be used by everyone.
[2] Only countries in the EU can draw up standard contractual clauses, so unless it does this right now (before Brexit) the UK will not be able to do so.
[3] As the UK will become a third country, any standard contractual clauses it draws up even now will have to be ratified by all the remaining EU countries as acceptable to them. This will take time!
I have been campaigning for ages to have this hugely serious problem addressed by Government, in the face of fairy godmother optimism that not only will everything 'turn out OK' but that we might even get special concessions from Europe on leaving because we're British.
My latest urgent call to action to the responsible parties in Government can be seen at http://businessinforisk.co.uk/library/BiR-transfers_and_Brexit.html
However I'm not holding my breath for action if the best the powers that be can come up with so far is 'do it yourself sunshine' despite the recommended course of action being completely useless as it will not be lawful under the GDPR.
What our negotiators have failed to understand is that it's the EU, not the UK, that has the whip hand in this. EU businesses can simply refuse to exchange personal data with us after March 2019 unless this problem is fixed prior to Brexit.
............EU businesses can simply refuse to exchange personal data with us after March 2019 unless this problem is fixed prior to Brexit............
The way I'm reading this, does it not mean that they have no choice but to refuse such data transfers, under EU law?