Feeds

Cameron's speech puts UK adoption of EU data directive in doubt

Biz types have Tories' ear... so if they win election, all bets are off

High performance access to file storage

Opinion Cameron’s speech puts UK accession to any Data Protection Regulation and Directive in doubt.

In yesterday’s speech on the relationship between the UK and the Europe Union, the Prime Minister raised doubts as to whether the UK will adopt both the proposed Data Protection Regulation and the Data Protection Directive in the field of law enforcement.

Reading the runes: if the Conservatives win the next General Election, I think that implementation of both Regulation and Directive is unlikely.

Why am I saying this? First, the Conservatives are going to consult business about the EU regulations they want to keep; how many businesses do you think will respond with: “Well that nice Data Protection Regulation is top of my list”?

Then look at the timings: The General Election is in 2014/15; any referendum would be in 2017; negotiations with the EU in 2015-2017; and the (optimistic) commencement of the Regulation is 2016. This is smack in the middle of the negotiations - which means the regulation is an obvious target for negotiations.

Finally, the Conservatives are to look at what competences they want to return. So consider the notion of “return of competences” in the context of the following extracts from the PM’s speech, intertwined with the commentary on the Directive and Regulation from last week.

In his speech, the PM said: “There is a crisis of European competitiveness, as other nations across the world soar ahead”. In its criticism of the Data Protection Regulation, the government states that it “is seriously concerned about the potential economic impact of the proposed Regulation. At a time when the Eurozone appears to be slipping back into recession, reducing the regulatory burden to secure growth must be the priority for all Member States”.

In his speech, the PM said: “And I want us to be pushing to exempt Europe's smallest entrepreneurial companies from more EU Directives.” In the criticism of the Data Protection Regulation, the government states: “At a time when the Eurozone appears to be slipping back into recession, reducing the regulatory burden to secure growth must be the priority for all Member States. It is therefore difficult to justify the extra red-tape and tick box compliance that the proposal represents”. In addition, it maintained: “[W]e estimate the costs for UK small businesses of simply demonstrating compliance with the proposals to be around £10 million” (in 2012–13 earnings terms) and in terms of the “whole economy of £100–£360 million per annum (in 2012–13 earnings terms).”

In his speech, the PM said: “In Britain we have already launched our balance of competences review – to give us an informed and objective analysis of where the EU helps and where it hampers”. In its criticism of the Data Protection Regulation, the Government stated that “the Government’s position that the proposed Regulation should be re-cast” to “allow for harmonisation in the areas where it is advantageous and flexibility for Member States where it is required” and that “the proposed Regulation places prescriptive obligations upon data controllers”.

In his speech, the PM said: “Let us not be misled by the fallacy that a deep and workable single market requires everything to be harmonised, to hanker after some unattainable and infinitely level playing field.” In its criticism of the Data Protection Regulation, the government said: “[T]his is a ‘one size fits all’ approach which does not allow data controllers (from small online retailers to multinational Internet companies) to adopt their own practices in order to ensure compliance with the legislation.”

In his speech, the PM said: “Some of this antipathy about Europe in general really relates of course to the European Court of Human Rights, rather than the EU. And Britain is leading European efforts to address this.

This is undisguised code for the UK withdrawing support from the European Convention of Human Rights in favour of a localised UK Bill of Rights which is very likely to weaken the obligation to respect “private and family life” by allowing more flexible interference by public authorities.

In his speech, the PM said that the government was “[l]aunching a process to return some existing justice and home affairs powers”. In the criticism of the law enforcement Data Protection Directive, the government said that it “does not consider that full harmonisation of police and judicial co-operation in criminal matters is necessary or desirable”. This is because “introducing prescriptive requirements for domestic processing may instead have a detrimental effect on law enforcement operations, placing onerous burdens on data controllers and huge costs on public authorities”.

In summary: I think it is clear that the government sees the Data Protection Regulation primarily as a burden on business. If the other Member States don't change its text, then the Regulation is very likely to be a candidate for an opt-out. In the promised referendum, if UK voters decide the leave the EU, then it’s also goodbye to the Regulation. Either way, its bye-bye.

In any event, it is clear that the UK wants nothing to do with the Data Protection Directive in the field of law enforcement. That is definitely “toast” if there is a Conservative government after the next election.

References:

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.