Digital Brief: Another Brexit data scandal?

The Digital Brief is Euractiv's weekly tech newsletter.

Welcome to EURACTIV’s Digital Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here


“This centralised harvesting of citizen’s data is very suspicious…”

Tom Watson, Deputy Leader of the Labour Party, Wednesday 11 September.


BREXIT. News broke yesterday that the UK government has been allegedly attempting to harvest user data, surreptitiously obtaining information from individuals accessing the official website, ahead of the country’s scheduled withdrawal from the EU at the end of October.

The news drew strong reactions from opposition parties. Labour’s Tom Watson said on Wednesday: “This centralised harvesting of citizen’s data is very suspicious. Why would Dominic Cummings say this was a top priority for the government, given the national crisis we are in? We need immediate assurances about what this data is going to be used for.”

Meanwhile, a UK government spokesperson denied that any wrongdoing had taken place. “No personal data is collected at any point during the process, and all activity is fully compliant with our legal and ethical obligations,” the spokesperson said.

Elsewhere, the UK’s data protection watchdog, the Information Commissioner’s Office, has published new guidelines for SMEs in the event of a no-deal Brexit. “In the event of ‘no deal’, EU law will require additional measures to be put in place when personal data is transferred from the European Economic Area (EEA) to the UK, in order to make them lawful.”

NEW COMMISSION. While many were quick to praise Margarethe Vestager as the EU’s next digital tsar earlier this week  following her appointment as the EU’s VP for ‘A Europe fit for the digital age,” a closer look at the revamped structure of Directorates-General reveals that Frenchwoman Sylvie Goulard will in fact have significantly more influence on tech policy. Nevertheless, in the EURACTIV offices, we still had a feeling that Vestager would have some future influence in the EU’s digital field – in June we wrote a piece covering her regulatory plans for the coming years.

Elsewhere in the tech arena, data protection competences will be dealt with by incoming Justice Commissioner Didier Reynders, disinformation is an area to be taken up by new Vice-President-designate for Values and Transparency, Věra Jourová, and Bulgarian Mariya Gabriel is set to oversee science and education as part of her new portfolio, dubbed ‘Innovation and Youth,’ overseeing the €94.1 billion Horizon Europe research programme.

CLOUD. In the cloud arena, Europe has long struggled to establish a presence with US firms dominating. I recently caught up with the Director-General of DG Connect, Roberto Viola, in order to analyse the importance of the EU’s data economy and examine how Europe can achieve a greater level of independence in its cloud services. He told me that “for Europe to lead the next technological race, we need to prioritise investment towards strengthening the existing European cloud infrastructure and service industrial basis.”

GAIA-X. In October, German Economy Minister Peter Altmaier is set to reveal more detailed plans for the establishment of a landmark European Cloud initiative known as ‘Gaia-X.’ Up until now, the European cloud marketplace has been dominated by US firms and many in Brussels are concerned that American involvement in the industry is compromising EU data protection standards and by extension, the concept of Europe’s ‘digital sovereignty.’ EURACTIV dug a bit deeper to find out more.

DIGITAL BORDER CONTROLS. I recently paid a visit to Deutsche Telekom’s cybersecurity centre in Bonn, Germany where we spoke to the Head of Group Security, Thomas Tschersich. Interestingly, he floated the idea of establishing a European ‘digital border control,’ as a means of obstructing internet access to hostile actors in the event of a serious cyberattack. While Tschersich was clear that he didn’t mean an obstruction to internet services, his idea drew criticism from some, including Guillermo Beltrà, policy director at the digital rights group Access Now, who told me that “shutting off the internet, even if only parts of it, should never be the default policy tool at hand.”

CYBERSECURITY. As the EU enters new and uncharted waters in the digital world, a number of pressing questions emerge as to how the bloc can distinguish itself in a highly competitive marketplace. One such area is cybersecurity, where, following several legislative instruments over the past years, including the NIS Directive in 2016 and the Cybersecurity Act earlier this year, there are still some who are calling for tougher measures.

This is a responsibility that will now come under the remit of Internal Market Commissioner Sylvie Goulard – and she will most likely have her work cut out. Earlier this week, I conducted an overview into the EU’s cybersecurity landscape and what we can expect over the coming mandate.

UK CYBERSECURITY ACT DILEMMA. The UK government has issued a call for views on the UK’s proposed approach to cybersecurity certification, following its planned departure from the EU. In preparation for Brexit, the “UK will therefore seek to enter into negotiations with the EU on mutual recognition arrangements” in order to recognise each other’s cybersecurity certification regimes.

DISINFORMATION. The EU’s current Security Commissioner, Julian King, appeared before the European Parliament’s Civil Liberties committee this morning and gave a deeper insight into the EU’s efforts against fake news – the Code of Practice against disinformation.

King revealed that the Commission will communicate an overview on how the Code is going before the end of October, and a full review will be published at the beginning of 2020. And regulation could be in store: “Should the results prove to be unsatisfactory…the Commission should be ready to propose further actions…including of a regulatory nature,” King said.

5G. In addition, King revealed that the Commission has been in talks with the US, Australia & New Zealand over the security of 5G networks. Responding to a question from ECR’s Nicola Procaccini about the EU’s position against Chinese telecommunications firm Huawei, King said at the end of the EU’s 5G security review, to be concluded before the end of the year, the Commission plans to come to a position where they identify certain firms that may “be deemed unsafe, because they pose risks.”

EPRIVACY. German MEPs will dominate the important seats in upcoming negotiations with the Council on the controversial ePrivacy file in the Civil Liberties committee. With most of the shadows having been appointed, we see Birgit Sippel (S&D) as lead rapporteur, with support from the EPP’s Axel Voss, the Greens’ Patrick Breyer, Renew Europe’s Sophie in’t Veld, and GUE’s Cornelia Ernst.

UBER. Across the pond, legislators in California approved a landmark bill this week that requires companies like Uber and Lyft to treat contract workers as employees, read more on the New York Times.

#EUINFLUENCERS. Politico’s Ryan Heath walked away with the top prize during this year’s #EUInfluencer ceremony, held by EURACTIV and ZN Consulting this week. See the full list here.  


On my radar.

Next week I’m going to explore Huawei’s autonomous vehicle testing centre in Wuxi, China. The company is keen to showcase the importance of CV2X technologies to Europe, following a brief pushback in the Commission’s DG Move just before the summer break. Let’s see if the technology is all it’s cracked up to be.


What else I’m reading this week:


Upcoming Events

Propelled by the move to cashless societies and fast-growing e-commerce, the payments industry is expected to grow from €715 billion in 2010 to €2.1 trillion in 2027. EURACTIV invites you to a high-level forum on September 25 to discuss the future of payments and how to ensure a competitive and innovative payments market in the EU.

Subscribe to our newsletters