Big tech accountability? Read the backstory to today's policy debates here on Iptegrity.

As talks on a UK-EU post-Brexit trade deal enter their tense final stages, a vital agreement on security co-operation is hanging in the balance. A bespoke proposal has been tabled by the EU. It would facilitate ongoing access to cross-border data that police and intelligence services need. If it cannot be agreed, there are serious risks for law enforcement and individual privacy. A reluctance on the part of the UK government to commit to future support for the European Convention on Human Rights puts it in jeopardy.

The security co-operation agreement is needed so that UK law enforcement

authorities can tackle cross-border crime and terrorist activity. The police want to retain access to a number of EU databases in order to exchange data with European colleagues on criminal convictions, stolen property and missing persons, and track the movement of suspects between the UK and other countries. The intelligence services need similar access to monitor cross-border terrorist movements. If the UK leaves the European Union without any agreement on security co-operation, this access will be lost.

At the heart of the matter is data protection, and how it will be handled under the new UK-EU relationship. The data shared by law enforcement is governed by a legal regime that links into the framework that governs personal data and businesses who process it. This is EU law, and currently also UK law. If there is no agreement on data protection, there can be no security co-operation agreement.

Talks on law enforcement co-operation have been taking place this week, according to the Financial Times which reports that four meetings on the subject were scheduled. It is unclear whether there is a 'specialised committee' working on it, or whether the talks are happening within the main negotiating forum for the UK-EU trade agreement. A quick glance at the EU's negotiating texts, however, reveal that a bespoke security co-operation agreement is on offer, illustrating a key advantage in what the EU has wanted to offer to the UK (see Draft text of the Agreement on the New Partnership with the United Kingdom, Part 3 Security Partnership).

The secrecy surrounding the talks means there is little information available, but the concerns around data protection and national security have been foreseeable ever since 2016 and have been voiced on multiple occasions by law enforcement professionals and legal experts.

The UK government had been working towards what is known as 'adequacy' and has even proposed a framework for it. Adequacy entails a decision by the European Commission, establishing that our legal framework offers legal safeguards for individuals so that their data will be used as they expect it to be and will not be unfairly or abusively processed.

The UK government has been contending that it should get an adequacy decision easily because we operate the same legal framework. However, there has been no movement on getting an adequacy decision. The government is now apparently asking for provisions to be inserted within a Free trade Agreement.

This would seem to be a rather odd move by the UK government. It could be part of a wider negotiating manoeuvre that occurred shortly after the December 2019 election when the government altered its tactics, moving away from the rational approach established under Theresa May to one that is politically-driven.

It was always going to be tricky, as the EU has for some time been unhappy with UK surveillance policy, notably since Edward Snowden's revelations in 2014 about the conduct of GCHQ, and more recently the bulk powers in the Investigatory Powers Act 2016. (See Schrems ruling puts a spoke in UK data flows from 2021 ). Those concerns are still there, as reported here by The Guardian.

The latest issue to arise is the government's unwillingness to maintain a commitment to the European Convention on Human Rights (ECHR), which is given effect in UK law in the Human Rights Act. The EU's draft negotiation text makes the security co-operation agreement conditional on adherence to the ECHR.

The UK government's position has emerged in evidence given by Michael Gove to the Select Committee on the Future Relationship with the EU. Mr Gove is the Minister responsible for the EU trade negotiations. He has been questioned on this point several times by MPs on the Committee. In response, he has cited sovereignty as an issue. However, when asked by Joanna Cherry QC MP, on 27 May: 'you might want to leave open the possibility of interfering with the Human Rights Act?' Mr Gove replied 'we might enhance it in all sorts of ways'.

The refusal by Mr Gove, and the government, to commit to retaining the Human Rights Act as it stands may well be regarded sceptically.

The overriding issue is one of trust, which is now at an all time low after the UK government tabled the Internal Market Bill, with Clauses 42, 43 and 45. These clauses pave the way for Ministers to make legal changes that would undermine or breach the Northern Ireland Protocol - an international Treaty that the UK is bound to uphold. The EU's legal action against the UK, announced on 1 October, alleging breach of the good faith obligation, underscores just how dicey the situation is.

If the EU and UK cannot reach agreement on data protection, and will not commit to retaining the Human Rights Act, then it will follow that there will be no deal on security co-operation. This will have far-reaching implications for UK law enforcement. National security would be vulnerable is there is a weakening of data exchange between law enforcement bodies, according to John Scarlett, former head of MI6, who is quoted in the Financial Times. For example, it would affect the ability of law enforcement authorities to respond to external threats.

Julian King, former EU Security Commissioner, has said that if Britain is "unplugged" from the EU law enforcement systems, it would significantly impact the ability to track down criminals who move across borders. He also suggested that UK data will be deleted from EU databases after 31 December, if there is no security co-operation agreement (again in the Financial Times).

Data is an integral element of modern policing. Tracking movements of criminals and terrorist suspects across borders is fundamental to law enforcement and intelligence work. Currently, UK police can enter information and know it is available to police forces in 27 other countries. Without access to European databases, that work becomes slower and more difficult. Some have described is as 'replacing a smartphone with a telex machine'.

Richard Martin, Deputy Assistant Police Commissioner and UK Enforcement Lead for Brexit, told the FREU Committee on 14 July that the time to obtain a criminal record from an EU country would increase from 6 to 60 days, if UK loses access to the European Criminal Records Information System (ECRIS). Mr Martin added that the UK "exchanges over 4,000 criminal records a week with our European partners." The UK also stands to lose access to the Schengen Information System (SIS II), that speeds up arrests and extradition processes.

As highlighted by Barry Sheerman MP, in the FREU Committee on 14 July, it would seem that if Britain does unplug, the main beneficiaries will be the criminals.


Iptegrity is made available free of charge. You may cite my work, with attribution. If you reference the material in this article, kindly cite the author as Dr Monica Horten, Visiting Fellow, London School of Economics and Political Science , and link back to You will also find my book for purchase via Amazon.

About me: I've been analysing analysing digital policy for over 13 years. I hold a PhD in EU Communications Policy as well as a Post-graduate diploma in marketing. For many years I was a telecoms journalist, writing for the FT among others. I was an early adopter of the Internet and followed the introduction of the Single Market in the telecoms sector. I am interested in the effects of Brexit and technology. Please get in touch if you'd like to know more about my current research.

If you liked this article, you may also like my book The Closing of the Net which discusses the backstory to content online policy and it introduces the notion of structural power in the context of Internet communications . Available in Kindle and Paperback from only £15.99!


Find me on LinkedIn

About Iptegrity is the website of Dr Monica Horten.

I am a tech policy specialist, published author, post-doctoral scholar. I hold a PhD from the University of Westminster, and a DipM from the Chartered Institute of Marketing. Currently working on UK Online Safety Bill.

Recent media quotes: BBC, iNews, Times, Guardian, Politico.  Panelist: IAPP,  CybersecuritySummit. Parliament and Internet. June 2022-July 2023 w/ Open Rights Group. is made available free of charge for non-commercial use. Please link back and attribute Dr Monica Horten.  Contact me to use any of my content for commercial purposes.