BRUSSELS (Reuters) – Exactly four weeks before Britain leaves the EU’s single market following Brexit, it is still unclear how much access it will retain to the bloc’s data from security tools used in everything from combating crime to business information.
Britain’s transition out of the European Union ends on Dec. 31 after which it will no longer be part of cooperation arrangements from trade to energy to transport it developed over 47 years of membership.
EU and UK negotiators have missed multiple deadlines for a new partnership pact that would carry these ties forward from Jan. 1, struggling to overcome gaps on free trade rules.
As talks go down to the wire, options range from upholding free commerce and other cooperation to an abrupt split.
A “no-deal” could mean Britain is cut off overnight from EU security data, from the Schengen Information System, the bloc’s border database, to the European police Europol, to DNA and the licence plates hub PRUM.
If there is an agreement, Britain’s data access would still be reduced, but by how much remains unclear.
In Britain’s Withdrawal Agreement, the estranged allies agreed on “operational cooperation” to keep London plugged in to some extent to Europol, PRUM and Eurojust, the EU’s criminal justice cooperation agency.
But that would not come into effect if they fail to agree on a new free trade deal and end up with a rupturous end to the years-long Brexit crisis.
Even if skeleton data links are agreed, the bloc would still need to issue a data adequacy assessment to certify – as it does with other third countries – that it believes UK protection of sensitive and personal data meets EU standards.
While EU officials say this decision might come this year, the bloc is already looking at stop-gaps to carry on some data exchanges from 2021 even without permanent new rules. Details, however, are missing.
With Europe on high alert following recent attacks in France and Austria by suspected Islamist militants, even former British premier Theresa May expressed shock at a remark by a government minister that the country would be safer outside the EU than in.
Britain’s mission to the EU hub Brussels had no comment, saying negotiations between London and the bloc were ongoing.
It is also unclear how much business data – including consumer and employee information – will still flow between the EU and the UK, where many multinationals have their global HR or payroll services.
Ben Rapp from data consultancy Securys estimated the one-off cost of a no-deal and no-adequacy split for British businesses at some 10 billion pounds ($13.5 billion) in corporate spending requred to ensure and document compliance with EU data privacy rules.
“It would be way harder for UK to sell services to the EU or retain clients in Europe. It would be harder for multinationals to keep their global centres in the UK,” said Rapp, estimating the total damage at up to 50 billion pounds in lost GDP.
($1 = 0.7425 pounds)
(Reporting by Gabriela Baczynska; Editing by John Chalmers and Nick Macfie)