Brexit data transfer gaps a risk for UK startups, MPs told

INSUBCONTINENT EXCLUSIVE:
The uncertainty facing digital businesses as a result of Brexit was front and center during a committee session in the UK parliament today,
risks for UK startups vs tech giants were also flagged, with concerns voiced that larger businesses are better placed to weather
Brexit-based uncertainty thanks to greater resources at their disposal to plug data transfer gaps resulting from the political
afternoon, during its third reading, and the legislative timetable is tight, given that the pan-EU General Data Protection Act (GDPR) takes
implementation ahead of the EU deadline.Despite the UK referendum vote to pull the country out of the EU, the government has committed to
continue flowing, as is critical for business
witness to the committee, James Mullock, a partner at law firm Bird Bird, warned that the Brexit-shaped threat to UK-EU data flows could
result in a situation akin to what happened after the long-standing Safe Harbor arrangement between the EU and the US was struck down in
on an overseas recipient so all UK businesses that receive data from Europe will be having to sign these agreements or put in place these
the alternative legal mechanisms fall-back scenario.Another witness, Giles Derrington, head of Brexit policy for UK technology advocacy
had a member company who had to put in place two million Standard Contractual Clauses over the space of a month or so [after Safe Harbor was
smaller businesses
found now is a gap between those large multinationals, who can put in place binding corporate rules, standard contractual clauses, have the
certification mechanisms in place at this time
another example of the scale of the potential bureaucracy nightmare, Stephen Hurley, head of Brexit planning and policy for UK ISP British
Telecom, told the committee it has more than 18,000 suppliers
data flows would be very unlikely to be housed within any future trade treaty between the UK and the EU
Rather data would need to live within a separate treaty or bespoke agreement, if indeed such a deal can be achieved.Another possibility is
If we look at an adequacy decision by the Commission that is a one-way decision judging the standard of UK law and the framework of UK law
to be adequate according to the Commission and according to the Council
offer a route for the UK to negotiate and retain some role for her office within EU data protection regulation after Brexit.Because as it
this time when the GDPR is in its infancy, participating in shaping and interpreting the law I think is really important
to standards for artificial intelligence, for technologies, for regulating big tech
added.Hurley also made the point that if the ICO is not inside the GDPR one-stop shop mechanism then UK companies will have to choose
But no one saw much advantage to be eked out outside a regulatory regime that is now responsible for the de facto global standard for data
Having said that because GDPR has global reach it is now effectively being seen as we have to comply with this at an international level by
AI requires massive amounts of data sets
through both houses, most of the amendments to the bill were to go further, to strengthen data protection
the collection, use and retention of data
transparency and oversight of our intelligence service needs to be explained and discussed to our [EU] colleagues but there is no doubt that
And looking at the US regime