How will Brexit affect UK data sovereignty?
10 March 2017
Sovereignty of data is of great importance to all businesses, primarily because the laws governing access rights differ greatly from country to country. A good example of this is the United States where access to data held in country, even if stored by an international business, can be freely gained by federal agencies through their Patriot Act.
Mark Hohenberg, Sales Manager
What could Brexit mean for data legislation in the UK?
The European Union has a number of data protection rulings that apply to all countries in the EU. These directives mean that there is essentially a free movement of data between countries in the EU, something that the UK will potentially no longer be privy to. Current EU legislation on data protection states that “special precautions need to be taken when personal data is transferred to countries outside the European Economic Area that do not provide EU-standard data protection”.
UK data legislation could change too, as laws previously controlled by the EU may soon be invalid in the UK once Article 50 is invoked. This gap in regulation will need to be clarified with new legal stature that will highlight how UK-data can be legally stored, and more importantly where. As UK data sovereignty laws are written, businesses need to be ready to deal with any potential repercussions.
There are also potential security risks following Brexit. Mark believes that “with the well-publicised and impending change of status for the UK within the European Union, there is concern that the rights protecting UK businesses’ data when stored within the EEC will be significantly compromised, decreasing overall security and giving greater potential for loss of Intellectual Property (IP) or system hacking.”
What can businesses do to prepare for new data legislations post-Brexit?
The safest thing for businesses that have data stored on the continent is to simply migrate it to UK-based data centres that are owned or managed by UK-based companies. This ensures data stored in these data centres are subject to UK data sovereignty directives, and therefore avoids any risk that may occur if a business decides to keep their data in a country based in the EU. Of course, this only applies if the data you store relates to UK citizens and businesses. If your data is multinational, moving to the UK could cause additional complexity.
Whilst most large cloud providers hold “local” primary storage facilities for UK businesses in Dublin and Amsterdam, the approach taken by HTL differs. HTL data centre facilities are housed exclusively within the UK. Therefore, client data will remain unaffected by the change in European status, ensuring that all UK HTL customers retain the full protection of the British Government and its stringent data sovereignty laws.
Do you host data in the EU, or are you worried that your data might be affected by Brexit? Learn what the GDPR means for your business and how the cloud can help by reading the Prodec Networks GDPR Survival Guide.