Easing data protection would be disastrous for the UK
The author is Vice President and Senior Strategy Advisor at the Open Data Institute
The UK is at a crossroads when it comes to data processing. After Brexit, the UK has the opportunity to become a center of excellence in digital security, data governance and trust. Or there is another avenue, one in which we sidestep regulatory measures such as the General Data Protection Regulation and possibly our reputation.
Much has been said about the UK becoming a ‘Singapore on the Thames’ with laissez-faire trade regulations. But if data handling standards were undermined, the country would look more like a digital Cayman Islands – an unregulated place where huge amounts of data can be collected and processed without scrutiny.
The government’s task force on innovation, growth and regulatory reform, led by Iain Duncan Smith, called for replacing the EU’s GDPR data protection law because it “overwhelms people with requests for consent and complexity ”. But why would we seek to do away with what is already considered the gold standard for data protection? GDPR is not perfect, but we should take the opportunity of leaving the EU to build on it, accelerate innovation in data governance and strengthen the UK’s reputation as a that place to do digital business ethically.
Reducing data regulation could make the UK attractive in simple economic terms. Compliance costs for businesses and governments could be reduced. But trust in the UK would also be diminished and, for individuals, that would mean our lives would be more under scrutiny thanks to the collection of data over which we have little control.
Over time, this could lead big names and blue chip companies to abandon the UK for fear of damaging their reputations. Apples and Microsofts around the world recognize the competitive advantage of protecting people’s privacy. They would be reluctant to process the data in an environment where customers might consider personal data to be at risk.
We must not only think of the reaction of companies. A recent statement from the digital and tech arm of the G7 includes a commitment to “the free flow of data with confidence”. These multinational agreements aim to prevent countries from forcing companies to operate data centers locally: a nightmare for a digital company trying to operate internationally. But countries put these restrictions in place because of a lack of confidence in what might happen to data exports, especially about their citizens. If the UK were to lower its own standards, over time we would risk losing access to international digital markets.
Rather, the UK data protection regime needs to be strengthened. Innovating in new types of data services that build trust, especially around audit and assurance, is the way to go. The existing service economy will have to adapt to a world in which data takes on new importance. Accounting needs to determine how to properly value balance sheet data.
Real estate departments should describe the ownership of datasets generated by sensors that fit into our physical infrastructure, such as smart thermostats. Auditors need to be able to examine the acquisition, use and sharing of data, and the algorithms and artificial intelligence that it powers. Services like these will be needed around the world. The UK has the opportunity to build on its existing strengths to deliver them.
Put simply, the UK’s competitive advantage is built on high standards, reliability and an ethical environment where laws are enforced and data and algorithms audited. This is where we can and should be competitive. A race to the bottom is just that, with the reputational damage it brings, along with the loss of responsible tech companies, emerging digital industries, and international influence. Let’s aim for the gold standard, not a tarnished bronze.