In yesterday’s speech on the relationship between the UK and the Europe Union, the Prime Minister has raised doubts as to whether the UK will adopt both the proposed Data Protection Regulation and the Data Protection Directive in the field of law enforcement.
Reading the runes: if the Conservatives win the next General Election, I think that implementation of both Regulation and Directive is unlikely.
Why am I saying this? First, the Conservatives are going to consult business about the EU Regulations they want to keep; how many businesses do you think will respond with “Well that nice Data Protection Regulation is top of my list”?
Then look at the timings: Election in 2014/15; any referendum is in 2017, negotiations with the EU in 2015-2017 and the (optimistic) commencement of the Regulation is 2016. This is smack in the middle of the negotiations which means the Regulation is an obvious target for negotiations.
Finally, the Conservatives are to look at what competences they want to return. So consider the notion of “return of competences” in the context of the following extracts from the PM’s speech, intertwined with the commentary on the Directive and Regulation released last week (see last week’s blog).
In his speech, the PM said: “There is a crisis of European competitiveness, as other nations across the world soar ahead”. In its criticism of the Data Protection Regulation, the Government state that it “is seriously concerned about the potential economic impact of the proposed Regulation. At a time when the Eurozone appears to be slipping back into recession, reducing the regulatory burden to secure growth must be the priority for all Member States”.
In his speech, the PM said: “And I want us to be pushing to exempt Europe's smallest entrepreneurial companies from more EU Directives”. In the criticism of the Data Protection Regulation, the Government state “At a time when the Eurozone appears to be slipping back into recession, reducing the regulatory burden to secure growth must be the priority for all Member States. It is therefore difficult to justify the extra red-tape and tick box compliance that the proposal represents”. In addition, “we estimate the costs for UK small businesses of simply demonstrating compliance with the proposals to be around £10 million” (in 2012–13 earnings terms) and in terms of the “whole economy of £100–£360 million per annum (in 2012–13 earnings terms)”.
In his speech, the PM said: “In Britain we have already launched our balance of competences review – to give us an informed and objective analysis of where the EU helps and where it hampers”. In the criticism of the Data Protection Regulation, the Government state that “the Government’s position that the proposed Regulation should be re-cast” to “allow for harmonisation in the areas where it is advantageous and flexibility for Member States where it is required” and that “the proposed Regulation places prescriptive obligations upon data controllers”.
In his speech, the PM said: “Let us not be misled by the fallacy that a deep and workable single market requires everything to be harmonised, to hanker after some unattainable and infinitely level playing field”. In the criticism of the Data Protection Regulation: “...This is a ‘one size fits all’ approach which does not allow data controllers (from small online retailers to multinational Internet companies) to adopt their own practices in order to ensure compliance with the legislation”.
In his speech, the PM said: “Some of this antipathy about Europe in general really relates of course to the European Court of Human Rights, rather than the EU. And Britain is leading European efforts to address this”. This is undisguised code for the UK withdrawing support from the European Convention of Human Rights in favour of a localised UK Bill of Rights which is very likely to weaken the obligation to respect “private and family life” by allowing more flexible interference by public authorities.
In his speech, the PM said: that the Government was “Launching a process to return some existing justice and home affairs powers”. In the criticism of the law enforcement Data Protection Directive, the Government said that it “does not consider that full harmonisation of police and judicial co-operation in criminal matters is necessary or desirable”. This is because “introducing prescriptive requirements for domestic processing may instead have a detrimental effect on law enforcement operations, placing onerous burdens on data controllers and huge costs on public authorities”.
In summary: I think it is clear that the Government sees the Data Protection Regulation primarily as a burden on business; if the other Member States don't change its text, then the Regulation is very likely to be a candidate for an opt-out. In the promised referendum, if UK voters decide the leave the EU, then Iit’s also good-bye to the Regulation. Either way, its bye-bye.
In any event, it is clear that the UK wants nothing to do with the Data Protection Directive in the field of law enforcement. That is definitely “toast” if there is a Conservative Government after the next Election.
“Scale of UK Government’s opposition to the proposed Data Protection Regulation and Directive made absolutely clear”. http://amberhawk.typepad.com/amberhawk/2013/01/scale-of-uk-governments-opposition-to-the-proposed-data-protection-regulation-and-directive-made-abs.html
Listen to the Prime Minister's speech: http://www.bbc.co.uk/news/uk-politics-21156905