In 2018, will the UK go from being Masters of the Internet to Masters of Nothing?
Whereas “Masters of Nothing” is just a book, written by MPs Matthew Hancock and Nadhim Zahawi, alas “Masters of the Internet” was self-proclaimed by the UK Surveillance State Delphic Oracle.
In order to obtain a proper background perspective on our new Secretary of State, I would recommend adding “Masters of the Universe” to your library. I would also add Tim Wu's latest book, published last September: “The Attention Merchants”. For it seems to me that you shall need to absorb both and their inherent arguments to comprehend properly the EU's GDPR and the UK's place and ranking in the 4th Industrial Revolution. Enjoy. I shall delve into both books at a later date.
But how could both scenarios come about?
Recall then Home Secretary May's use of the word: “Extraterritoriality”?
Extraterritoriality is a legal concept. Traditionally applied in diplomatic relations to exempt named people from a local “foreign” jurisdiction. The GDPR takes this legal concept to a whole new level, and globally, for any external EU state that wants to acquire unrestricted (free) access to EU citizens data. For Brexiteers - think ECJ writ large - globally! And its Matt Hancock who is introducing it. Tom Wheeler got it. So, does the NTIA's David Redl get it, as we saw from the earlier “Eric Schmidt and Brexit Negotiations” Blog. The rest of the UK is just waking up to it. Ironically the appropriate clauses in the GDPR were inserted at the UK's behest through the Article 29 Working Group. Now the UK will be on the hook over Access Agreements - or not as the case may be (see proposed alternatives in the annexe to Hancock's August Data Protection Bill).
To begin to gain an appreciation of this legal concept I would refer you to Matt Hancock's “Masters of Nothing” reply to the last question put to him before the Home Affairs EU Sub-Committee on the 20th December, during consideration of the new EU General Data Protection Act which Hancock is sponsoring as a replacement Data Protection Bill:
“Lord Kirkhope of Harrogate: I do not want to trespass on another question, but I would just make this point. You referred briefly to the Privacy Shield, which was Safe Harbor originally. There were considerable problems there, and changes had to be made to provide the assurances that the EU, and indeed the US, needed. These things are liable to be constantly reviewed and changed. Presumably, therefore, this country should always be in a position to adapt what it has in place to fit the requirements, which are then in their own way subject to things like the ECJ, or in the United States’ case its own Supreme Court, Congress and Senate.
Matt Hancock MP: The difference with the situation now is that it will be the sovereign decision of this Parliament, rather than the direct decision of the EU under the direct jurisprudence of the ECJ. We would have the option as a Parliament to remove or change data protection, but that would be the wrong thing to do. Part of the domestic, sovereign debate about whether that should happen would be the response of other international organisations, whether the EU, the US or anybody else we have a free flow of data relationship with. That is the nature of how these things are kept.
Something else is important here. A further reason why it is so clear in my mind that we should stay aligned to the GDPR rules is not just because they are good rules but because they are extraterritorial. This is important. The EU has, I think for the first time, legislated an extraterritorial rule. If you want to deal with EU citizens’ data, wherever you are in the world, you have to comply with the GDPR. If you are in a country that has no data relationship with the EU, you want to trade with the EU and there is data underpinning that trade, as there is with nearly all trade these days, your company must comply with the GDPR. The GDPR will, I think, become a global benchmark, because countries that want to trade with the EU, which is most countries around the world, will want to comply with the GDPR. It is in our interest, for our global trading relationship, to have the GDPR in place in the UK. Just because, as a sovereign nation, we can choose for ourselves whether we do, that does not mean that it is at all sensible not to. It is a very good idea to.
- Next >>