Martyn McLaughlin: Government piggybacks on EU rules as it heads for exit door

Bereft of ideas and momentum, Tory ministers are taking credit for Brussels' work, writes Martyn McLaughlin

The UK government trumpeted the removal of credit and debit card charges - but it was only rolling out an EU directive.
The UK government trumpeted the removal of credit and debit card charges - but it was only rolling out an EU directive.

The politics of personal data will be one of the defining issues of this century. The rise of social networks and the breakneck pace at which they develop new technology and algorithms has revolutionised the way we communicate, but so too it poses one of the greatest regulatory challenges of our times.

With firms such as Facebook constantly devising increasingly complex ways of harvesting, analysing and monetising our data, the UK government has been playing catch-up for a decade.

Hide Ad
Hide Ad

Against such a backdrop, it was with considerable self-satisfaction that the previously anonymous digital minister Matt Hancock announced the upcoming Data Protection Bill this week.

At first glance, the pictures of Mr Hancock beaming as he enjoyed his moment in the spotlight were understandable. There is much to welcome in the government’s 30-page statement of intent for the new law, in particular the plan to sharpen the teeth of the Information Commissioner’s Office.

As things stand, companies which breach data laws face a maximum fine of £500,000; granted, it is a great deal of money, but at a time when the major tech players are measuring their revenues and profits by the billions, it hardly acts as a realistic deterrent.

Instead, the new Bill will permit the commissioner to issue penalties of up to £17m, or four per cent of a company’s global turnover. Such a penalty will not only hit offenders hard, it suggests the issue of data protection is being taken seriously.

All is not what it seems, sadly. It is a shame that the government is being more than a little disingenuous about its role in pushing through such tough new rules. Anyone reading the press release from the Department for Digital, Culture, Media and Sport would be forgiven for thinking Mr Hancock and his civil servants were trailblazers, taking firm action while other countries flounder. The new Bill, the minister excitedly promised, will give us “one of the most robust, yet dynamic set of data laws in the world”.

Provided the legislation makes its way through the Commons and Lords intact, that will indeed be true, but it was perhaps convenient for Mr Hancock to forget to mention that, even in the best case scenario, Britain will only be on an even keel with the rest of the EU.

The Bill, announced in the Queen’s Speech, is in fact little more than a formality which will bring the UK’s laws in line with those put in place by the EU’s General Data Protection Regulation, which comes into force next May.

Even though the UK is departing the EU, it will still be a member state next spring and, as such, must adhere to its laws. After Brexit, if the UK wishes to freely transfer personal data back and forth between EU states, it must demonstrate it has thorough data protection standards in place.

Hide Ad
Hide Ad

In short, the Data Protection Bill is a procedural step designed to make that a reality and ease trade.

Mr Hancock may wish to project the idea the UK is at the forefront of the data revolution, but the legislation is simply following a path laid out by Europe; the truth is that members of the public in Britain will still be protected by the same rules they are now, following Brexit.

The desperate attempt to claim credit for legislation that has come out of Brussels should not come as a surprise, and with Prime Minister Theresa May forced to back down on her most eye-catching election pledges in the wake of her humiliation at the polls, the trend of hijacking the Brexit process by a government pretending it has new policies to offer will only intensify.

Only last month, the Treasury issued a tough-talking press release which trumpeted how “the government is unveiling new rules that will mean card charging in Britain will come to end”. It added: “This action forms part of our wider help for families with the cost of living by helping to raise their incomes and keep more of what they earn.”

The consumer-friendly crackdown, which outlaws punitive fees by debit and credit card users, was a popular and overdue move. The problem is, it was not the UK government’s doing – it was the direct result of an EU directive known as PSD2.

Save for a few cursory tweaks, the same legal requirements are being incorporated into the statute books here. Ms May’s administration, having done none of the legwork, is taking all the credit.

The same is true of the new Bill but with one important caveat: the EU legislation makes it possible for privacy groups to lodge data protection complaints on behalf of consumers, but the UK government has decided this should be jettisoned.

Hide Ad
Hide Ad

Having been accused for years of so-called “gold-plating” EU legislation, which sees far stricter regulations imposed on top of the minimum standards laid down by Brussels, the UK has shamelessly come full circle. Bereft of ideas, momentum and credibility, it is now reduced to basking in the glory of other legislators’ work while neutering some of its most important provisions, espousing the same old stale rhetoric about taking back control.

Left unchecked, this is how the myths of Brexiteers, forever bemoaning the loss of national sovereignty, becomes the stuff of legend. If this is British democracy at its finest, God help us for what lies ahead.