UK law enforcement agencies could be cut off from databases that support cooperation with European counterparts after Brexit because of their handling of personal data, a thinktank study has warned.
The Institute for Government’s (IfG) paper on Negotiating Brexit: policing and criminal justice says that unless resolved, this will prevent British police from using shared resources such as the Schengen Information System II (SIS II) and European Criminal Records Information System (ECRIS).
The report – based on interviews with government officials, legal professionals, others working in policing and criminal justice and academics – highlights fears this will make it more difficult for agencies to get crucial information in their investigations.
It says SIS II as the most heavily used and regarded as crucial to policing, currently containing almost 76.5 million alerts on missing and wanted people and objects. Over 2017, 539 million of the 5 billion queries lodged on the system came from the UK.
ECRIS and the Europol Information System (EIS) are also important, while police also have access to data from the Passenger Name Record (PNR) and national databases covered by the Prüm Convention, the benefits of which are harder to assess because they are more recent.
The UK has had access to these as a member of the EU, but as a third country will be subject to closer scrutiny of its approach to national security as a condition of continuing to use them.
It runs into a problem with the UK’s relatively weak data protection rules, which are weak by EU standards, the European Court of Justice (ECJ) having twice struck down its handling of personal data.
The judgments related to the 2016 Investigatory Powers Act 2016 – or ‘snooper’s charter’ – “with respect to data retention and the bulk collection of data by the security services”.
The IfG report says the provisions “arguably contravene fundamental rights as enshrined in the Charter of Fundamental Rights (CFR)”.
It says: “As a member state, the UK has some room for manoeuvre: national security is the responsibility of member states and outside the EU’s competence. But the EU holds third countries to a higher standard.”
This year’s Data Protection Act could also cause problems, the report says, partly because it removed data protection rights for any investigations relating to immigration probes.
The UK Government is aware of the difficulties it is likely to face, but “as yet there has been no clear proposal” that could resolve the problem, the IfG says.
“Given the tight timelines, these issues need to be addressed as a matter of urgency. Only then is there any chance of the EU even considering the UK’s proposal for a reciprocal arrangement on data protection,” the report says.
It recommends that the Government should recognise that it cannot maintain all its current special arrangements and provide reassurance that after Brexit it will take the protection of personal data seriously. These would be evidence of a willingness to compromise and show the other EU countries that the UK is a valuable partner.
The IfG also says the UK might avoid future ECJ judgements against its handling of personal data if it incorporated the CFR into UK law – but the Government has refused to do so.
The Government has acknowledged the importance of the databases in its white paper on the future relationship between the UK and EU and argued it is as much in the latter’s interest to maintain shared access.
Image by Chris Dlugosz, CC BY 2.0 through flickr