The CJEU ruled on Tuesday that Directive 2002/58/EC (‘the Directive’) precludes national legislation from ordering telecommunication companies to transfer data in a “general and indiscriminate” manner to security agencies, even for purposes of national security. This is following a challenge by Privacy International to UK security agencies over their practices of collecting bulk communications data (BCD).
The ruling could throw up roadblocks to a post-Brexit “adequacy” agreement over the UKs data protection regime. Adequacy is granted to data protection regimes to confirm that they conform to the data protection standards of GDPR, and thus that companies may move data about EU data subjects outside of the EU to those regimes. Recently, the adequacy rating of the US “Privacy Shield” was invalidated by the Schrems II judgment. This ruling could prove to be an analogous issue for the UK’s adequacy rating at the end of the transition period.
The CJEU has ruled, in a first for that regulation, that the use of “Zero Tariff” contracts are inconsistent with its “Open Internet” regulation (Regulation 2015/2120). The regulation “aims to establish common rules to safeguard equal and non-discriminatory treatment of traffic in the provision of internet access services and end users’ rights”. Its intention is to legally establish the principle of ‘Net Neutrality’, whereby internet access providers are prohibited from giving preferential treatment (for example, limiting access or increasing traffic speeds) to specific websites and users.
The issue in this case was whether zero tariff contracts offered by Telenor, an Hungarian internet access provider, contravened net neutrality regulation. Zero tariff contracts provide data allowances to their users, (1 GB, for instance), which the consumer is allowed to use as they please. On running out of data, typically internet access would be stopped. However, in its two zero tariff contracts, called MyChat and MyMusic, certain websites and applications did not run down the data allowance. Furthermore, even once the data allowance had been used up, the same websites and applications could still be accessed, although otherwise no internet access was provided.
The Court of Appeal, overturning a Divisional Court decision, has found the use of a facial recognition surveillance tool used by South Wales Police to be in breach of Article 8 of the European Convention on Human Rights (ECHR). The case was brought by Liberty on behalf of privacy and civil liberties campaigner Ed Bridges. The appeal was upheld on the basis that the interference with Article 8 of the ECHR, which guarantees a right to privacy and family life, was not “in accordance with law” due to an insufficient legal framework. However, the court found that, had it been in accordance with law, the interference caused by the use of facial recognition technology would not have been disproportionate to the goal of preventing crime. The court also found that Data Protection Impact Assessment (DPIA) was deficient, and that the South Wales Police (SWP), who operated the technology, had not fulfilled their Public Sector Equality Duty.
In response to a legal challenge brought by the Joint Council for the Welfare of Immigrants (JCWI), the Home Office has scrapped an algorithm used for sorting visa applications. Represented by Foxglove, a legal non-profit specialising in data privacy law, JCWI launched judicial review proceedings,, arguing that the algorithmic tool was unlawful on the grounds that it was discriminatory under the Equality Act 2010 and irrational under common law.
In a letter to Foxglove from 3rd August on behalf of the Secretary of State for the Home Department (SSHD), the Government Legal Department stated that it would stop using the algorithm, known as the “streaming tool”, “pending a redesign of the process and way in which visa applications are allocated for decision making”. The Department denied that the tool was discriminatory. During the redesign, visa application decisions would be made “by reference to person-centric attributes… and nationality will not be taken into account”.
The Human Rights Committee, reviewing NHSX’s current digital contact tracing app architecture, has recommended that the government’s current privacy assurances are not sufficient to protect data privacy and that legislation must be passed to ensure that. This echoes Professor Lilian Edwards’ call for primary legislation to ensure privacy rights are protected. These recommendations are given special significance NHSX’s choice to adopt the controversial and arguably less secure “centralised” model (an explanation of the different contact tracing models and Prof Edwards’ suggested legislation can be found here).
Latest news: GCHQ has published a detailed blog article which seeks to explain (and defend) the new NHS contact tracing app, which the Government regards as the key to a controlled exit from lockdown.
Coronavirus presents a serious threat to society, legitimising the collection of public health data under Article 9:2 (g) of GDPR regulations, which allows the processing of such data if “necessary for reasons of substantial public interest”. Some of this collection will take the form of contact tracing apps, which have been used in containing the spread of coronavirus in countries such as Singapore.
They work by broadcasting a bluetooth signal from a smartphone which is picked up by other smartphones (and vice versa), meaning that if one user contracts coronavirus, those who have been in contact with that user can be effectively warned and given further advice to stop the spread.
NHSX, the body responsible for setting NHS data usage policy and best practice, has been developing a contact tracing app which is currently undergoing effectiveness trials at RAF Leeming. As it stands, the app either tells you “You’re okay now” or “You need to isolate yourself and stay at home”. It seems likely that this or a similar app will be rolled out over the UK in the coming months.
The Fisheries Bill 2020, part of the government’s core legislative program on post-Brexit environmental policy, is currently in the House of Lords at committee stage, and is expected to receive royal assent in the coming months (although exactly when is subject to how successfully the House of Lords can adapt to meeting via Microsoft Teams). It would establish Britain’s departure from the Common Fisheries Policy (CFP) on January 1st 2021, and sets out how fishing rights would work post transition period and CFP.
Given the passion that fishing rights raise, you might be forgiven for thinking that they were absolutely essential to the functioning of the UK and EU economies. In fact, fishing accounts for around 0.1% of both. A joke going around environmental blogs is that green bills are like buses – none come when you need them, then they all arrive at once. Perhaps for the Environment and Agriculture Bills – discussed by me here and here. But the Fisheries Bill feels more like the Brexit Bus than a local routemaster. It promises the repatriation of sovereign powers and gains in the millions by taking back control of our waters, while hiding potential losses in the billions, if issues with fishing rights derail trade negotiations – a slim but real possibility.
Even the most entrenched remainer, however, would have to recognise the multiple failures of the CFP. It has been plagued by mismanaged quotas and outsized lobbying interests since its inception, and it has clearly favoured certain member states over others. The Fisheries Bill has as such been largely well received by environmental groups, such as Greener UK, who comment that the “focus on climate change and sustainability is very helpful”. I’ll start with what the bill actually says, then discuss the EU negotiation position and conclude with a few comments about what the legislation may mean for the future relations.
Good news from the crisis front, although I’m afraid not the one we’re all thinking of: the government’s Agriculture Bill, which sets out its major post-Brexit agricultural policy, has recently passed committee stage and will soon (coronavirus permitting) be presented to the House of Lords. It shows ambition from the government to develop a post-Brexit agriculture policy with laudable commitments to harnessing the power of farmers to help address the climate crisis, and helps to address issues such as food security. Along with the Environment Bill, discussed here, it constitutes some of the core legislation aimed at achieving the government’s Net Zero by 2050 goal.
The government’s haunting refrain, since their 2018 ‘Health and Harmony’ consultation on post-Brexit agricultural policy, has been “public money for public goods”. The bill puts this into practice by giving the secretary of state power to dismantle the subsidy schemes of the Common Agricultural Policy (CAP) and replace it with the Environmental Land Management Scheme (ELMS). Under this scheme, farmers will be awarded for specific activities with ‘public goods’: good practices that further environmental goals in areas such as biodiversity and soil health that the market does not sufficiently incentivise.
On 26th February, parliament held its second reading of the government’s revised Environment Bill 2020, setting out its agenda for environmental reform and governance post-Brexit. It would provide the secretary of state with powers to create new regulations on air quality, water usage, waste disposal and resource management, biodiversity, and environmental risk from chemical contamination, and would create a new non-departmental public body, the Office for Environmental Protection (OEP), as an environment watchdog. The government describes it as the most “radical” environmental legislation to date, and sees the bill as paramount to ensuring both its 25 Year Environment Plan and its Net Zero Carbon Emissions by 2050 goal.
The bill faced criticism both from parliament and from environmental groups. Greener UK, a coalition of 13 major environmental organisation, has said that as it stands, the bill “[would] not achieve what is has promised”, criticising it for lacking ambition and including no legal requirements for the government to prevent backsliding on EU environmental regulation. MPs, both Conservative and Labour, specifically criticised the lack of ambition in air quality. Others criticised the proposed structure of the OEP as being insufficiently independent of the government to match the ambitions of the bill to create “a world-leading environmental watchdog that can robustly hold the Government to account”.
The Bill in Brief
The bill, as it stands, is divided into eight sections, which can be grouped into three major areas: giving the secretary of state the power to amend regulations in areas of environmental concern, legally enshrining biodiversity targets, and creating an environmental watchdog called the Office of Environmental Protection. All three are intimately tied to Brexit, with the government intending to use the bill to “transform our environmental governance once we leave the EU”.
This blog is maintained for information purposes only. It is not intended to be a source of legal advice and must not be relied upon as such. Blog posts reflect the views and opinions of their individual authors, not of chambers as a whole.