No Brexit Deal? Then Its ‘Digital Dover’

Uploaded on 2019-02-07 in FREE TO VIEW, BUSINESS-Services-Law, NEWS-Cybersecurity News

When just 89 lorries turned up in early January for a traffic management rehearsal, staged to understand the impact of the UK crashing out of the EU with no deal, Transport Minister Chris Grayling was roundly mocked for seeming so woefully under-prepared. But it at least showed an awareness that the sudden loss of freedom of trade will quickly lead to 20,000 vehicles a day needing to be parked in Kent until they can clear burdensome new customs checks.

Margot James, Minister of State for Digital at the Department for Culture Media and Sport (DCMS), should not even expect that level of understanding. With the Government regularly highlighting the contribution of digital industries to the economy - £118.4 billion annually or 7% of total GDP - you might expect a contingency plan to be in place for a hard Brexit.

But when did DCMS start to reach out to the industry to discuss what no deal might mean? Monday 18th January. That’s right, with just 12 weeks to go until our 29th March departure, the state decided it was time to look into a sector which is so complicated that even the European Commission has been unable to figure out how it works, effectively parking the planned ePrivacy Regulation as a result. 

Of course, James and DCMS are hostages to Theresa May’s strategy of insisting there is only one possible deal and refusing to allow for any other options to be considered. As the recent thumping defeat in Parliament revealed, it is not a view shared by two-thirds of MPs. So what will happen to UK digital activities - from search and display advertising through to online publishing and e-commerce - if we end up with no deal? 

In all likelihood, virtually the entire industry will carry on as usual, but it will be breaking the law and could face serious consequences as and when regulators in both the UK and the EU decide to act. 

There are two reasons why digital will become an outlaw in this way:  

Firstly, it will take years for the EU to recognise the UK’s data protection laws through an adequacy ruling. Even though our Data Protection Act maps directly onto GDPR, there is a bureaucratic process to go through which could be every bit as grueling as those customs checks at Dover. Until the UK is considered adequate as a third country, however, any data transfers from the EU to the UK would be illegal, unless the parties have put standard contractual clauses in place. But these will be necessary for every partner across the digital eco-system, meaning thousands of new contracts to be negotiated and signed-off.

That’s not work that can be done in a bare three months. (You will still be able to send data from the UK to the EU, by the way, but you won’t be able to get it back.)

One company that will not suffer as a result is Google - it has the US-EU approved Privacy Shield to allow it to continue with data transfers. But only where these stay within its own estate. So advertisers and publishers will yield even more power and money to this virtual monopoly.

Secondly, the digital industry has been clutching at the IAB’s transparency and consent framework (TCF) to keep it on the right side of both GDPR and PECR. 

Unfortunately, a ruling in November 2018 by the French data protection authority CNIL against a geo-location targeting firm Vectaury blew a hole in TCF (although IAB argues this is not the case.)

With no compliant framework for the ad tech sector to operate within and no adequacy ruling in place, legal departments in UK publishers and advertisers may well feel their exposure is too great and order a halt to activities. The result could be a “digital Dover” with consumer demand piled up outside eco-systems that are in shutdown until some legal clarity emerges.

Just as with Brexit itself, many digital marketers will no doubt want to shrug this off and assume either that it will get worked out in a hurry or that regulators will decide to turn a blind eye. Both of those are possible, but not probable. Without fast-tracking of new contracts and swift action by stakeholders across the digital eco-system, 29/3/19 might turn out to have the impact that was forecast for Y2K.

DataIQ:

You Might Also Read: 

UK Cyber Attacks Will ‘Get Worse’ Post-Brexit:

 

« AI In Business: 2019 Trends & Predictions
The Biter Bit: Secret Russian Files Are Leaked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BruCON

BruCON

Brucon is Belgiums premium security and hacking conference.

ForeScout Technologies

ForeScout Technologies

ForeScout delivers pervasive network security by allowing organisations to continuously monitor & mitigate security exposures & cyberattacks.

Jamcracker

Jamcracker

Jamcracker is a cloud services management and cloud governance solutions company, with more than a decade of experience providing industry leading software and services.

Wotan Monitoring

Wotan Monitoring

Wotan Monitoring is the software solution for fully automatic process monitoring, infrastructure monitoring and end-to-end monitoring.

FFRI Security

FFRI Security

FFRI is committed to research and development of preventing the most advanced cyber-attacks and breaches.

Baffin Bay Networks

Baffin Bay Networks

Baffin Bay Networks operates globally distributed Threat Protection Centers™, offering DDoS protection, Web Application Protection and Threat Inspection.

Jenson Knight

Jenson Knight

Jenson Knight is a global cyber security, cloud and IT infrastructure staffing specialist.

Sadoff E-Recycling & Data Destruction

Sadoff E-Recycling & Data Destruction

Sadoff E-Recycling and Data Destruction protect the environment and your data with proven and trusted electronics recycling and data destruction services.

oneM2M

oneM2M

oneM2M is a global organization creating a scalable and interoperable standard for communications of devices and services used in M2M applications and the Internet of Things.

AaDya

AaDya

AaDya provide smart, simple, affordable and effective cybersecurity software solutions for small and medium businesses.

Symmetry Systems

Symmetry Systems

Symmetry Systems is a provider of data store and object-level security (DSOS) solutions that give organizations visibility into, and unified access control of, their most valuable data assets.

Future Planet Capital

Future Planet Capital

Future Planet is the impact-led, global venture capital firm built to invest in high growth potential companies from the world's top research centres.

MajorKey Technologies

MajorKey Technologies

MajorKey improves security performance by reducing user friction and business risk, empowering your people, and protecting your IP.

SecurEnvoy

SecurEnvoy

SecurEnvoy are a leader in designing zero access trust solutions using the latest cutting-edge technologies, to protect your users, devices and data, whatever the location.

NinjaOne

NinjaOne

The NinjaOne Platform was built to help IT and MSP teams efficiently manage, patch, and support all endpoints.

Redapt

Redapt

Redapt is an end-to-end technology solutions provider that brings clarity to a dynamic technical environment.