The United Kingdom’s Post-Brexit Push for Deregulation in Global Data Governance
How the UK is using its post-Brexit role in global digital trade and data governance to promote economic growth and deregulation through free trade agreements and domestic data protection reforms.
The UK is using its post-Brexit role in global digital trade and data governance to promote economic growth and deregulation through free trade agreements and domestic data protection reforms.
The country wants to create a unique framework for international data transfers, liberalize data flows, and position the UK as the world's most attractive data marketplace. This approach deviates from the EU's focus on personal data protection as part of the right to privacy and aligns more with the US and Indo-Pacific region.
This strategic shift is cemented with accession to the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP). New agreements with countries in the region like Japan, Singapore and Australia prioritize digital trade and data flows. The UK is also pursuing deals with countries like India, focusing on digital trade. These deals face many challenges, from disagreements over India’s data localization policies to potential legal conflicts between the UK’s GDPR-based framework and India’s weaker privacy regulation.
Consumer rights advocates argue these trade deals could compromise data protection standards and limit transparency of algorithms. These trade deals would increase the risks of data exploitation and create difficulties to regulate digital technologies, such as AI, in the public interest, reducing the control people have over their data, and eroding consumer trust in the digital economy. The effect could be felt more widely if the UK government’s approach to digital trade reduces the potential for future global convergence of technology and data governance towards higher standards of consumer protection.
These international policies are coupled with domestic reforms that, in the name of growth, openly tilt the balance towards the needs of business by reducing consumer rights, potentially undermining privacy. The new Data Protection and Digital Information Bill (No. 2) will amend the UK GDPR to signal a departure from the EU approach in areas such as identifiable information, automated decisions, data rights, and business obligations. Proposed changes to the regulation of cross-border transfers of personal data would also make it easier for the UK to align with the data regimes of the CPTPP countries.
Critics argue that these changes could lead to hidden processing, fewer data subject rights, and increased complaints from data subjects. These changes could also jeopardise the existing arrangements for free flow of data between the UK and the EU, which would cause major economic turmoil.
As the UK moves forward, striking a balance between fostering economic growth and ensuring robust consumer and data protections will be crucial. The current bias towards traditional pro-business deregulation and unchecked free trade could cause problems for consumers and risks being out of step with the current geopolitical alignments and social concerns about technology.