Japan-UK Trade Deal Shows How Controversial Digital Policies Can Be Slipped Through With Little Scrutiny Or Resistance

from the welcome-to-the-data-washing-hub dept

Techdirt has been writing about trade agreements for many years. The reason is simple: as digital technology permeates ever more aspects of modern life, so international trade deals reflect this by including sections that have an important impact on the online world. A new trade agreement between Japan and the UK (pdf) is a good example. It is essentially a copy of the earlier trade deal between the EU and Japan (pdf) — because of Brexit, UK negotiators have not had the time or resources to draw up their own independent text, which typically requires years of drafting and negotiation. But significantly, the Japan-UK agreement adds several major sections purely about digital matters. All are terrible for the general public, as a briefing document from the UK-based Open Rights Group explains.

One issue concerns transfers of personal data between the UK and Japan. In the EU, this is governed by the well-known and relatively stringent GDPR. In fact, in order to achieve “adequacy” — essentially, legal permission to receive EU personal data — Japan has had to strengthen its data protection laws:

The EU required Japan to change its data protection regime, including supplementary rules on onwards transfers of EU data to other countries. The European Parliament has expressed further concerns and Japan is considering further changes.

However, the Japan-UK trade deal explicitly calls for personal data flows to be made easier, with a consequent watering-down of EU-level protections:

The UK deal includes measures which ban restrictions on the free flow of personal data, restrictions which could clash with the limits which European data protection laws place on international transfers. The EU could not adopt these measures in its treaty with Japan, and instead put in placeholder text committing both parties to review the situation in three years. The UK-Japan text heeds the wording of the USMCA [United States-Mexico-Canada Free Trade Agreement], with some extra clauses to exclude procurement and data kept on government orders.

The banning of restrictions on the free flow of personal data allows for public interest policies, following a standard formulation in trade agreements. This regime looks reasonable on paper, but in practice, it is very difficult to implement public interest policies which clash with trade liberalisation, as they are open to legal challenge, which rarely find in favour of restrictions.

Open Rights Group notes two important consequences of this decision not to follow the EU text here. First, it potentially allows personal data flowing to the UK from third countries to be passed to Japan and then on to other jurisdictions, for example the US, with almost no controls or restrictions. This would turn the UK into a “data washing hub” as the Open Rights Group puts it. In this respect, the UK-Japan deal contrasts with the EU-Japan deal, where:

The EU specifically excluded data flows from their trade agreement with Japan. Although Japan has an adequacy decision from the EU, it had to put specific arrangements in place for EU data to stay in Japan.

Given that risk, it is highly likely that the EU will refuse to grant adequacy to the UK, in order to prevent the personal data of EU citizens being sent via the UK to Japan or the US without adequate protections. The crucial role of personal data in modern business means a failure to gain adequacy will have a hugely negative impact on EU-UK trade. The other significant addition to the text in the digital sphere concerns “technical protection mechanisms” (TPMs) — DRM and similar technologies — and the criminalization of circumventing them. Open Rights Group points out:

Another concern for digital rights in the UK is the potential criminalisation of circumvention outside commercial endeavours, affecting ordinary people. Circumvention is not a niche activity. Millions of people used to make backup copies of DVDs and many today have to bypass technological protections in order to convert their protected ebooks to other formats. The provisions in the USMCA will require Mexico to beef up its anti- circumvention laws, including introducing criminal penalties for “commercial advantage or private gain”.

Finally, there is an interesting section dealing with cryptography. The Japan-UK deal introduces provisions to shield cryptography from a range of government requirements, such as sharing or disclosing keys. However:

What is different here is that the UK also introduces a specific exception for law enforcement to demand access to encrypted communications and for financial regulation. This is not surprising given that the UK is at the forefront of government demands to access data from encrypted messaging systems such as WhatsApp or Telegram. There are no public interest policy exceptions in this area, however limited, only demands from courts, regulators or police.

Of course, the UK is not alone in wanting access to encrypted communications: a recent Techdirt article noted that the EU is also looking to require what is euphemistically termed “lawful access” — that is, backdoors — to end-to-end encrypted communications, as is the US and elsewhere. What is significant here is that the exception is being introduced in the context of trade, with no expert input or public debate about the details, as are the other measures discussed above. The danger is that this will become a common practice, where governments try to slip through contentious digital policies as short sections of obscure but far-reaching trade deals.

Follow me @glynmoody on Twitter, Diaspora, or Mastodon.

Filed Under: , , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Japan-UK Trade Deal Shows How Controversial Digital Policies Can Be Slipped Through With Little Scrutiny Or Resistance”

Subscribe: RSS Leave a comment
Anonymous Coward says:

From what i read previously, all uk citizens data is now available to whoever wants it in Japan and they can pass it on to whoever wants it, wherever they may be, bypassing any and all protections that are in place atm, simply because the data wont go direct. Any excuse to screw the people, regardless of which country we’re talking about at the time because some self centered asshole wants to/will get megabucks out of the deal!

Anonymous Coward says:

Re: Re:

Any excuse to screw the people, regardless of which country we’re talking about at the time because some self centered asshole wants to/will get megabucks out of the deal!

Which is why I say: The people the data is about should be getting a cut of that deal. You won’t get people to acknowledge privacy until they suffer without it. You can get people to acknowledge the megabucks that some asshole is making off of them without them getting a cent. Make that the conversation, and all of these "free trade" deals will suddenly loose their lucrative incentives.

Anonymous Coward says:

Sorry to be in the minority among this "Britain sucks" crowd here but I don’t see how enabling the UK’s massive digital economy to trade freely with Japan is a bad thing. The idea that thousands of innocent Britons are going to be criminalized or have their data stolen is paranoid nonsense. The EU, with its pointless and bureaucratic GDPR, still suffers far higher levels of data breach than Japan.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...