A prominent digital privacy group warns that a new trade agreement between the UK and Japan could pose an "existential crisis" for data privacy in the UK.
In October, the British government announced a free trade agreement with Japan. Officials believe the pact will boost the British economy by 15.2 billion pounds over 15 years. However, according to a blog post by the London-based Open Rights Group (ORG), the UK-Japan trade agreement may come at the expense of data protection regulations. [The U.K.-Japan trade agreement, announced in mid-October, was supposed to be negotiated in record time and be uncontroversial, with only minor changes to the existing treaty that the U.K. inherited from the EU," writes Jim Killock, executive director of ORG. [But the treaty contains an entirely new provision that puts the 'free flow of data' from the UK and Japan, and from there to other trading partners, above the right to data protection."
Killock warned that the EU's strict data protection rights will no longer apply to the UK when the Brexit transition period ends on December 31.
"Assuming the UK simply finds data protection 'adequate' in January, current restrictions on European data will disappear to stop lightly regulated transfers to the US," Killock wrote.
In his view, the UK's data sharing agreement with Japan would be "a radical departure from the current position" and would diminish the data protection rights of British nationals.
"Today, a UK company must only transfer personal data if it can guarantee that it will continue to have similar rights to access, correct, and delete that data," Killock explained.
"The UK-Japan agreement will force the UK to accept a lower data protection framework, including voluntary self-regulation, as compatible with the UK's world-leading privacy framework in Articles 8.80 and 8.84."
Of particular concern is that this arrangement could result in the transfer of personal data of UK citizens to countries that have similar arrangements with Japan, including the US.
"The concern is that UK data will be transferred to the US without being kept under GDPR-like protections," Killock explained.
Killock is concerned that the UK's data protection rights would be "greatly diminished" if this were to occur.
"In the U.S., there is no automatic right to know where your data is stored or by whom, and there is no way to prevent resale, reuse, or new uses of the data," Killock added.
"You have no right to prevent your data from being used in a discriminatory or unfair manner.
"You cannot ask for your data to be deleted. If data is lost, there is no legal barrier preventing third parties from obtaining and using it. And if the data is breached or sold, there is no simple remedy.
Jake Moore, a security specialist at ESET, predicts that these data privacy concerns will lead to increased use of virtual private networks."Keeping track of where personal data is is an impossible task," Moore told Tom's Guide.
"Data is the new currency, and companies and countries will go to extreme and new lengths to get it. But we can fight back, and that is by using VPN services.""This new trade dynamic will likely increase VPN use among those already familiar with VPN services, but more awareness needs to be instilled in the public to make them more aware of the risks of personal data being transferred.
"Once people are made aware of how their personal data is analyzed, processed, and profited from, they tend to quickly change their online habits and start asking about VPNs.
Comments