Some of the problems caused by leaving the EU without a deal are well-known—others less so. We explore some of the issues you won't have heard of in our new seriesby Steve Bloomfield / October 24, 2017 / Leave a comment
John Redwood is “quite relaxed” about Britain leaving the European Union without a deal. Julian Lewis believes “we should call their bluff.” Jacob Rees-Mogg claims if “we leave without a deal we don’t owe anything.”
Redwood and friends might be quite relaxed, but others are less sanguine. Some of the problems caused by leaving without a deal are now well-known, from the price of cars rising by 10 per cent to the possibility of UK airlines being unable to fly in and out of EU states. But there are many other, less familiar problems that leaving without a deal will cause.
Let’s start with the future of data flows.
What are data flows and what does it have to do with Brexit?
What, you mean you don’t remember all the newspaper articles and TV specials about data transfers within the EU that took place during the informative and wide-ranging debate held before the referendum?
How does it work within the EU?
Any member of the European Economic Area (that’s the EU plus Iceland, Liechtenstein and Norway) can transfer data between each other. Data flows freely throughout the continent.
Okay, but what happens when the UK leaves?
We become a “third country.” That means there are restrictions on the transfer of data.
And is there an easy solution?
There is. It’s called a Data Adequacy Decision. The European Commission studies our data protection laws and establishes that there is an “essential equivalence” between our rules and theirs. They decide if the third country regime is adequate or not. Given that we’ve been happily transferring data within the EEA for decades, this should be straight-forward.
But all that goes out of the window if we leave without a deal?
Correct. That’s what “no deal” means. No deal on everything.
But what about the WTO? I heard we would just rely on the WTO, or something.
The World Trade Organisation has nothing to do with data adequacy.
So, talk me through what will happen.
If the UK doesn’t have an adequacy agreement then individual companies and organisations have to fall back on binding corporate rules. This allow for data to be transferred between a group, which means big multi-national corporations will be okay. Small and medium-sized companies will have to rely on “standard contractual clauses.” They are “incredibly burdensome,” says Jeremy Lilley at the tech trade association, techUK. “They have to be in every contract an organisation negotiates. It’s a significant legal burden and very resource intensive. Companies could have to renegotiate millions of different contracts.”
This sounds complicated. And expensive.
Yes. “If companies wanted to carry on transferring data, they would have to hire some pretty expensive lawyers to get their own books in order to make sure they’re meeting the safeguards,” says Lilley. Were they to fail to meet those safeguards they would face significant fines—up to €20m or 4 per cent of a company’s global annual turnover.
This is going to cost a lot, isn’t it?
Billions. (Or, to put it another way, several weeks of that £350m). Arguably more important than the money, is the time. Just think of all those companies having to spend time getting their data transfers in order rather than doing the things that actually make them money.
We’ll take back control though, won’t we?
That’s one way of putting it, yes.