(Bloomberg) — U.K. privacy protections were criticized by an activist who told the European Union that the British shouldn’t be trusted to protect user data after Brexit.
The personal data of EU citizens “do not at present have an adequate level of protection in the U.K.,” Johnny Ryan, a senior fellow at the Irish Council for Civil Liberties, wrote in a letter to the European Commission on Monday.
The U.K. “lacks an effective independent supervisory authority that is capable of enforcing compliance with data protection law and vindicating data subjects’ rights,” added Ryan.
Without a so-called adequacy decision from the EU by the end of the year, companies would be thrown into legal limbo and no longer be able to transfer data safely across the English Channel. At the risk of hefty fines under the EU’s strict data protection rules, U.K. companies that rely on data flows to and from the bloc would have to quickly find alternatives, involving more paperwork.
An EU adequacy decision would be a green light for such transfers without restrictions. To get there, the U.K. will have to meet a number of strict conditions. One of them is “the existence and effective functioning of one or more independent supervisory authorities,” according to the EU’s General Data Protection Regulation, or GDPR.
EU Regulators Take
By Jack Stubbs
LONDON (Reuters) – China’s Huawei Technologies has failed to convince British security officials that the security risks of using its products in UK national infrastructure can be adequately managed, according to a government report released on Thursday.
A government-led board that oversees the vetting of Huawei gear in Britain said continued problems with the company’s engineering and security practices meant it could only give “limited assurance” that all risks to UK networks could be sufficiently mitigated long-term.
The board – which includes officials from Britain’s GCHQ signals intelligence agency – said Huawei had only made limited progress addressing issues raised last year and it had no confidence in the company’s ability to complete a previously-announced cybersecurity overhaul.
The findings will increase pressure on Huawei, the world’s biggest maker of telecoms networking equipment, which has been besieged by repeated rounds of U.S. sanctions and allegations that its products can be used by Beijing for spying.
Huawei has repeatedly denied the allegations and said on Thursday the British assessment showed equipment vulnerabilities were not a result of “Chinese state interference.”
“The report acknowledges that while our software transformation process is in its infancy, we have made some progress in improving our software engineering capabilities,” a company spokesman said.
After initially granting Huawei a limited role in the UK’s 5G infrastructure, Prime Minister Boris Johnson reversed that decision in July, ordering all of the company’s equipment to be purged from national networks by the end of 2027.
The reason given for the about-turn was the impact of new U.S. restrictions on chip technology, which Britain’s National Cyber Security Centre (NCSC) told ministers meant Huawei was no longer a reliable equipment supplier.
Officials said the latest report, which is produced annually as part of the government’s procedure for vetting Huawei equipment