Commissioner: UK ‘must avoid data protection Brexit’

Media captionQuestions asked over Yahoo breach

The UK’s new information commissioner has called for the country to adopt forthcoming EU data protection laws, despite its plan to leave the Union.

“I don’t think Brexit should mean Brexit when it comes to standards of data protection,” Elizabeth Denham told BBC Radio 4’s PM programme.

She added she would press WhatsApp over plans to share data with Facebook.

The new EU data protection regulations are designed to strengthen the rights individuals have over their data.

The idea is to make companies take the issue of data protection far more seriously.

The rules make it mandatory for large companies to employ a data protection officer and data breaches must be reported within 72 hours.

The legislation will take effect in 2018 and will apply to any company that handles EU citizens’ data, even if that company is not based in Europe.

“The UK is going to want to continue to do business with Europe,” Ms Denham told the BBC’s Chris Vallance.

“In order for British businesses to share information and provide services for EU consumers, the law has to be equivalent.

“The UK was very involved in the drafting of the regulation – it will likely be in effect before the UK leaves the European Union – so I’m concerned about a start and stop regulatory environment.”


Analysis by Rory Cellan-Jones, BBC Technology correspondent

She’s another Canadian in a high profile job as a UK regulator and – like Mark Carney at the Bank of England – Elizabeth Denham is now showing she’s not afraid to step into tricky political territory.

The new information commissioner made it clear that, in her view, leaving the EU did not mean leaving behind European regulation when it came to data protection.

To use such an explicit phrase as “I don’t think Brexit should mean Brexit” in the context of data laws could be seen as courageous – or perhaps foolhardy.

But consumers will take more notice of her warning about WhatsApp’s sharing of data with its parent Facebook.

She’s shown she sympathises with the public’s anger on this issue – now let’s wait and see if she will back that up with action.


Ms Denham also told the BBC she had questions to ask of web giant Yahoo, which has admitted 500 million user accounts were breached in what it suggested was a state-sponsored attack.

It is thought eight million accounts belonged to UK users.

Image copyright
EPA

Image caption

Yahoo’s breach is the largest ever publicly disclosed

“This data breach is unprecedented. The numbers are staggering,” she said.

“Why did it take so long for Yahoo to notify the public of the breach? It looks like it happened two years ago. What can these account holders do to protect themselves?

“I’m asking those questions on behalf of UK citizens.”

Ms Denham also said she would probe WhatsApp’s controversial plan to share more of its users’ data with its parent company Facebook.

“We are told the data is not yet being shared,” she told the BBC.

“We have launched an investigation into the data sharing, remembering that in 2014 when Facebook bought WhatsApp, there was a commitment made that between the two companies they would not share information.

“We are in a dialogue with Facebook and WhatsApp. It’s an active and important investigation. You will hear from us very shortly.”



comments powered by Disqus