Brexit and the ‘Splinternet’

By TruePublica: There are two major problems for Britain leaving the European Union in the way that the Boris Johnson government is threatening when it comes to the tech and cyber-security industries and these problems has given rise to it being called the splinternet.

A recently published UK government report has just revealed, amid growing concerns in the tech industry ahead of the country’s scheduled departure from the EU, that £23.1 billion is threatened. That is almost half of the UK’s digital exports going to the European Union alone.

The second is a troubling sign that Britain’s close security cooperation with the EU will, indeed, be strained by Brexit—and, in fact, already has been—an alarm U.K. security officials have been trying to sound for months.

 

Let’s deal with the first. A report by EUACTIV published just two days ago says:

The data released last week covers UK trade across sectors under the remit of the government’s Department for Digital, Culture, Media and Sport (DCMS). It shows that exports to the EU for services in the field amounted to £23.1 billion in 2017, representing 42.8% of the total services exported. Of DCMS sectors, the largest individual exporting to the EU was the Digital Sector, representing £19.4bn worth of trade.

In terms of goods, the UK exported £11.3 billion of DCMS Sector goods to the other EU member states, 40.1% of total DCMS Sector goods exported by the UK, with goods from the digital sector, once again, having the largest share of this figure.

The UK government analysis further highlights that the European Union is a ‘key partner’ for trade across the sectors examined and that of specific EU countries, France, Germany, Ireland, the Netherlands, are particularly noteworthy trading partners.

Meanwhile, the figures for the UK’s imports from the EU are just as daunting.

The UK’s DCMS Sector imported £13.5bn (44.5% of total services imported by the DCMS Sector) of services from EU member states in 2017. In terms of DCMS goods, the UK imported £21.1bn from other EU members in 2017, 44.9% of UK goods imports in the field.

The data has sent shivers through many in the tech industry, concerned that the impending threat of the UK crashing out of the EU could have a severe impact on business in the field.

Dom Hallas, Executive Director of the UK tech lobby group, Coadec, highlighted the fact that the digital economies of the UK and the EU are closely linked and that trade in this area cannot be discounted. “These figures are yet another reminder that the digital economies of the UK and EU are deeply interwoven – and the rules that govern them can’t be torn apart post-Brexit.”

The trouble is – they will be.

Hallas also commented that the numbers cement the UK’s role as the “top ecosystem in Europe…[and]…show that neither side benefits from a disorderly Brexit – but British tech startups will suffer more.”

The government knows this. The publication of Operation Yellowhammer shone a light on disruptions to businesses reliant on transferring data between the EU and the UK. The document warned that in a no-deal scenario, an adequacy assessment of data transfers between the UK and EU could take years.

 

Security

Then there’s the second big problem. National security. Last month, the FT (paywall) reported that British diplomats were excluded from an EU meeting on cybersecurity, even though the UK is still part of the European Union.  The U.K. ambassador to the EU complained that British officials had been “disinvited” from an EU cybersecurity meeting. That meeting was about cybersecurity, intelligence-sharing and inter-state espionage.

The current relationship between Britain and the EU on data sharing when it comes to cybersecurity threats, terrorism and serious crime has been a great success for all involved. That is now coming to a dramatic end.

“Any form of Brexit makes our security more difficult to manage,” John Sawers, a former head of foreign intelligence service MI6, told Sky News. And – “The harder the Brexit, the greater the damage.” 

Meanwhile, the National Police Chiefs’ Council has cautioned that fall-backs to current information-sharing agreements with European law enforcement agencies “will be slower, more bureaucratic and ultimately less effective.”

In addition, weaker security coordination, particularly on cybersecurity, is bad news for British business, or indeed any international firm with offices in the U.K. It is also further evidence of the extent to which the Internet—once seen as a great global unifier—is “Balkanizing“, splintering into geographic regions with different rules and different standards on everything from data privacy to security to net neutrality and free speech.

Jeremy Khan at Fortune reports that:

There are a few good arguments for why Internet regulation should vary by region, such as varying definitions of what constitutes illegal hate speech between different countries. But there’s no denying this so-called “Splinternet” makes life harder for any business with an international web presence (i.e. almost every business). Complying with different rules for different customers and employees adds costs, complexity and increases risk.

“It’s a huge administrative nightmare,” says Ann LaFrance, a partner at the law firm Squire Patton Boggs who specializes in data privacy and cybersecurity issues. LaFrance says that some of her firm’s global clients have commissioned time-consuming and expensive 50-country data protection compliance reviews, to ensure they are abiding by current laws. But, she says, the reviews are complicated by legal definitions that vary by geography and an ever-shifting landscape of rules. Meanwhile, in the U.S., companies also face an increasingly chaotic web of state-level data privacy regulations, she says.

With Brexit, LaFrance also points out, it is not only cybersecurity coordination that is at risk. So too is whether the U.K.’s surveillance powers, which enable the bulk collection of certain Internet data, will be judged to violate E.U. data privacy laws. If they are, she says, the U.K. and the EU could be barred from transferring back-and-forth any personal data at all after Brexit.

The trouble with cybersecurity is that its an ever-moving target getting ever more sophisticated with each passing day and collaboration is by far the best method of focusing a range of skill sets to keep up with not just criminals but nefarious state actors. Everyone is less secure with a no-deal Brexit. What this does is open up a vulnerability and that’s exactly what hackers are always on the lookout for.

A 2018 report from technology research firm Forrester warned corporate information security executives that Brexit would make the sharing of real-time intelligence about cyber-threats more difficult and impede a coordinated response to sophisticated trans-national cybercriminal networks.

With a no-deal Brexit, agreements get torn apart, data does not flow, collaborative efforts are stymied with the result being that the internet between Britain and EU creates an environment where everyone, including businesses, citizens and national security is weakened. The ‘splinternet’ will be troublesome in future and most costly to Britain in more ways than one.

 

 

---