The implications for Brexit on digital and human rights are profound, because they implicate both the enforceability of our rights, and the democratic accountability of our legislators.
This therefore is a first draft of possible demands we would want to see.
- 1 Draft demands
- 1.1 No erosion of rights
- 1.2 Enforceability of rights
- 1.3 Democratic accountability
- 2 Problems we will face
- 3 References
No erosion of rights
EU law ensures high standards of privacy and free expression rights online, which we want maintained and guaranteed. These often need to be enforceable across borders, so we can get redress for privacy problems when our data is kept in another EU country.
Future arrangements will need to guarantee these rights, as UK law, or under agreements with the EU.
Data protection rights can be enforced by a UK citizen, against any organisation within the EU, or that is part of the wider system of data protection “equivalence”, including US companies signed up to “Privacy Shield” arrangements.
We need to know that UK citizens rights will continue to be as easily enforceable, within the UK and overseas.
Free speech protections for web hosts
Forced data localisation
It is possible that the UK will try to force data about people in the UK to be held in the UK. Making companies hold data within the UK as a pre-condition of providing services in the UK would be an unnecessary burden on small businesses. Given the pervasive online surveillance practices of GCHQ and others, mandatory data localisation would also make it easier for UK authorities to access individuals’ personal data, limiting the privacy of UK residents.
Enforceability of rights
"The Repeal Bill ought to tell the courts to take account of post-Brexit CJEU decisions when they are relevant to the case at hand. This would deliver clarity and certainty, but not give the CJEU a higher status than any other foreign court."
How will we get our rights enforced? Regulators and courts play a role.
The UK however has a weaker framework for challenging decisions and laws that are inconsistent with fundamental rights. This is because UK courts are not empowered strike down legislation, even when they are inconsistent with human rights.
In some cases, such as data protection, it is hard to see how rights will be consistently applied and guaranteed if we cannot rely on the CJEU to make judgments.
UK human rights
The UK Human Rights Act 1998 allows courts to rule on the compatibility of legislation with human rights, and for courts to take human rights into consideration in legal decisions.
UK regulators have to make rights consistent with other EU regulators, in areas where digital rights are concerned.
The Information Commissioner has to make data protection decisions that are consistent with other data protection authorities. Ofcom has to make net neutrality decisions that are consistent with BEREC guidelines.
Without these consistency mechanisms, UK citizens may gradually find that rights and approaches are weakened in the UK, if softer interpretations are made.
The EU has also been extremely keen to ensure that regulators are financially, logistically and administratively independent of governments. The UK has not always taken this kind of view, often quite deliberately making regulators lack independence, and behave in a manner that is cautious and slow.
EU courts and EU law
The European institutions also frame their legislation in order to take account of judgments made by the CJEU.
This makes European legislation very accountable to human rights considerations, especially in the longer term, as judgments grow in number, and their meaning becomes better understood by legislators.
Laws set at the EU under a trade agreement would be less open to democratic influence by UK citizens. We would have to lobby representatives of other countries, while our government may get some kind of consultative role.
However, the UK suffers accountability and democratic deficits, which could be much worse with large amounts of work on Internet regulation. In this case, the UK would need to reform its institutions significantly to avoid the civil service and industry lobbyists making all the significant decisions.
The UK Parliament is already overstretched and often fails to examine legislation in any meaningful manner. this is even more true of secondary legislation, which proliferates in many areas of digital rights law.
The European Parliament has to reach agreement with member states through the Council when legislation and trade agreements are made. This ensures that legislation can be subjected to open scrutiny in its committee system.
There are significant deficits in European democratic control, especially in the lack of transparency surrounding Council discussions, and the “trialogue” procedure.
However, from a UK perspective, the prospect of accepting European law with no democratic input from elected representatives from the UK would both disempower citizens, and over time, shift the approach of EU law to one that may be less acceptable to British institutions and business. It is not clear that it would be a sustainable approach.
Problems we will face
British institutions traditionally favour executive and Parliamentary power over constitutional claims and matters of rights.
Our institutions at this point lack experience, powers and duties to take on areas of EU law that affect digital rights.
Parliament itself is geared towards “doorstep” issues in the House of Commons and experience in the House of Lords that is sensitive to matters of law. Neither can claim to provide a well-resourced, future-orientated scrutiny system.
The civil service would need to develop expertise in areas of Internet policy. This is quite possible, but hard while the government wants to hold spending in check. There will be a temptation to do policy “on the cheap” and also to listen and rely on business in the place of developing its own expertise.