In the draft rules, the European Union Commission announced that the UK’s level of data protection would be appropriate at the start of the year. After Great Britain left the European Union, a so-called convenience decision became necessary, which outlines the protection of personal data in the concerned country outside the European Union.
The Commission makes such decisions for many countries. Privacy Shield, which regulates the flow of data to the United States, is particularly well known. However, like the previous Safe Harbor Regulation, the European Court of Justice scrapped the basis for sharing data, because US intelligence services have broad access to data, which is inconsistent with the European Union’s Charter of Fundamental Rights.
The commission threatens to repeat mistakes
Parliament now wants to prevent the commission from embarrassing again. The Socialist MP said that the convenience decision should only be taken once specific aspects of UK legislation that would raise serious concerns are properly assessed. Juan Fernando Lopez Aguilar in a press release: “That is why we call on the commission to review its decision so as not to repeat its mistakes.”
Although Britain’s data protection law is largely the same as European Union law, there are concerns about implementation, according to MEPs. There are broad exceptions in the areas of national security and immigration. There is a lack of independent oversight by the courts, and the government has far-reaching powers.
British investigative authorities and secret services, for example, have extensive access to stored data. According to the decision, this does not comply with the GDPR. Additionally, access to metadata, which can also contain sensitive information, is not sufficiently restricted by law.
Known privacy issues
With the Investigative Powers Act, exceptionally strict surveillance law has been in place in Great Britain since 2016. This includes, among other things, extensive data retention and excessive access rights to investigative powers. Additionally, the GCHQ Secret Service monitors large amounts of contact data and cooperates closely with the United States’ secret services – a practice that ends regularly in high courts.
In April, the European Data Protection Council, which brings together data protection authorities in European Union countries, Similar criticisms of the Authority’s draft Practicing. The massive storage of personal data, the vast powers of British security authorities, and insufficient protection of immigrant data will require amendment of the committee’s draft, according to the Data Protection Committee.
It is scheduled that the plenary session of the House of Representatives will vote next week on the decision issued by the Interior Committee today, by 37 votes to 30. The Commission has the last word, but it must take into account the opinion of European Union countries and the European Data Protection Council’s assessment. If you let the previous draft pass unchanged, no one can claim that it was not warned.