The fresh stipulation goes further than Michel Barnier’s own negotiating mandate handed to him by EU member states. In a report, the European Commission stressed the importance of the UK following the EU’s data protection rules – known as GDPR – as part of any future relationship. As part of a review into the security of EU personal data being transferred to third countries, eurocrats insisted data adequacy is an “essential prerequisite” for future security cooperation between Britain and Brussels.
“A high degree of convergence in data protection is an important element for ensuring a level-playing field between two so closely integrated economies,” the report says.
Didier Reynders, the EU’s justice commissioner, insisted on a clear link between the future relationship and a data adequacy decision.
He said: “When it comes to data transfer with a member that is leaving, the UK, we want to make sure that in any Brexit agreement there is the proper application of the rules of the GDPR both on the European continent and in the UK.”
The Commission has begun work on so-called adequacy assessments of the UK’s data protection standards, to establish whether the country’s rules are robust enough to align with EU standards.
Commission vice-president Vera Jourova added: “I cannot predict now either it will be easy and without any further negotiations needed for the possible adequacy decision because we do not know if the UK will introduce some changes in their national legislation, which might deviate from the general line of the GDPR.”
The demands set out by the Commission today stretch beyond the negotiating guidelines handed to Mr Barnier by member states.
They state the “envisaged partnership should affirm the Parties’ commitment to ensuring a high level of personal data protection”.
The EU’s chief Brexit negotiator has, however, demanded a role for the European Court of Justice in overseeing future data sharing between Brussels and Britain.
British negotiators have rejected allowing the Luxembourg-based court to interfere in domestic law.
More widely UK officially have insisted the country should not be locked to the EU’s regulatory standards as the price for any future relationship pact.
Last February Boris Johnson said the UK would “develop separate and independent policies” in a range of fields, including data protection.
A UK Government spokesman said: “As confirmed by the Prime Minister in his written ministerial statement of February 3, 2020, the UK remains committed to high data protection standards.”
The European Parliament has raised concerns and questioned whether the UK should be granted access to the bloc’s crime-fighting databases if the Government refuses to sign up to EU rules.
In May MEPs voted to reject a European Council proposal to “allow the United Kingdom to participate in the automated searching” of fingerprint data stored in the EU’s Prum database.
They voiced concerns that allowing the UK access “could create significant risks” because the Prime Minister has rejected a role for the ECJ in the future relationship
Their report said: “Dactyloscopic data is a particular sensitive category of personal data that requires a specific protection as its processing could create significant risks to the fundamental rights and freedoms.
“Union law requires that when such processing is to be carried out, it has to be subject to appropriate safeguards for the rights and freedoms of the data subject.
“In view of the current state of play of the negotiations on the future relations between the UK and the EU, it is not yet clear whether after December 31, 2020 the UK will meet the conditions required under the Union law to be considered providing an essentially equivalent level of protection to that provided by the Union law.”
Negotiating efforts will be accelerated next week with Mr Barnier expected to hold face-to-face talks with David Frost, his UK counterpart, in Brussels.
The UK and EU have committed to finding a political agreement by the end of next month.
Let us not seek the Republican answer or the Democratic answer, but the right answer. Let us not seek to fix the blame for the past. Let us accept our own responsibility for the future.