Damian Collins (Folkestone and Hythe) (Con) [V]

- View Speech - Hansard -

Copy Link

-

The UK is one of the world’s greatest centres for digital trade, a sector that is vital to the future success of our economy. We want to attract investment and talent from across the globe and open up markets to the services that British companies provide.

Data is the fuel of the digital economy, driving everything that people and businesses see and do online. We need to work towards common standards among nations in how data is gathered, stored and processed, which can give citizens certainty about the security of their personal data when they share information with businesses online, as well as when they use apps on smart devices and cloud storage systems. We know that people care about these issues: more than 90% of iPhone users who have been given the choice have opted out of allowing apps such as Facebook to access data from non-Facebook apps on their devices.

At the recent G7 summit, the Government led successful negotiations between nations to create a business tax regime that is fit for the digital world. Trade agreements can also be used to help to establish common standards for data protection and processing. Laws affecting digital regulation and data protection should be set by Parliament rather than in trade agreements, which is why I spoke against the proposal by President Trump’s Government to include in trade agreements American legislation limiting the liability of tech platforms for the content posted on their sites—a measure that would restrict our ability to legislate to improve online safety, for example. That had formed part of the US’s agreements with Canada, Japan and Mexico, but I was pleased to receive assurances from the Secretary of State that it was something that we would not accept.

The CPTPP agreement seeks not to impose new digital and data policy, but to create certainty for citizens and businesses alike about the safety of their data and the interoperability of systems. I know that the Department for International Trade has closely consulted the Information Commissioner’s Office on the CPTPP’s terms and the obligations that it creates; in the ICO’s opinion, it is compatible with UK data protection law. It has also noted that a number of CPTPP member countries have already been granted data adequacy decisions under the EU’s GDPR, including Canada, Japan and New Zealand. The CPTPP also contains provisions similar to those in the UK-Japan agreement recognising the importance of data protection to electronic commerce and committing all parties to implementing a data protection framework that takes relevant international standards into consideration.

The ICO believes that it is possible to have separate but complementary data adequacy processes with international trade agreements. In Asia-Pacific, such agreements tend towards greater reference to international data transfers and the free flow of data in agreements, particularly to address risks of data localisation. It is important, however, to properly consider and understand the implications of any provisions in trade deals that cover privacy and data protection, particularly with regard to the processing of UK citizens’ data in a third country.