The Future of EU-UK Digital Trade

BusinessGDPRtech
Written By

The EU-UK Trade and Cooperation Agreement (the “TCA”) has set out the framework for the UK’s departure from the European Union, ranging from fishing rights to rules on cross-border imports and exports. One area mentioned in the TCA is “Digital Trade”.

The new rules on digital trade are worth knowing for all UK and EU-based businesses operating in the digital and online space. Luckily, the digital trade provisions in the TCA are (according to the UK government at least) some of the most liberalising and modern digital trade provisions in the world – highlighting the intentions of both sides to continue to promote growth of the digital sector. 

What is “digital trade”? 

Put simply, there is no single agreed definition, as the term covers such a large area of activity. There is a growing consensus, however, that digital trade not only refers to all trade conducted “digitally” (for example, online payment services, or the purchase of a subscription through an app), but also all trade that is “digitally enabled” but physically delivered (such as ordering food online, or commissioning work from an artist through a portal). It also covers trade that leverages data, or uses smart manufacturing, or global supply chains organised through a digital medium. 

In this way, nearly all businesses use a digital element in their trade. For example, if a company has a website where it sells goods or services, whether that is graphic design, accounting, or even in-person building services, that business would be taking part in “digital trade”. 

In light of the Covid-19 pandemic, this push towards digital trade has been accelerated at lightning speed. For example, McKinsey reported a seven-year increase in the rate at which businesses are creating digital or digitally-enhanced offerings. 

Therefore, it is important to know what is new, and what is staying the same, under the TCA and in a post-Brexit world for EU-UK digital trade.

Cross-border data flows

The TCA states that neither bloc can put in place measures which would prevent data from being freely transferred across the regions. Such measures could include rules on the localisation of data - such as data being processed or stored in a certain territory or using certain territory-specific computing facilities or networks. 

A sticking point for such “free movement of data” has been the free flow of personal data between the European Economic Area and the UK. For the moment, personal data can be freely transferred from the UK to the EEA without additional steps, and vice versa until mid-2021, and until the UK receives an “adequacy decision” from the European Commission - which is looking more likely than had been initially envisaged by privacy practitioners.

However, the TCA states that nothing in the TCA itself shall prevent either the UK or the EU from adopting or maintaining measures in relation to the protection of personal data and privacy, including measures affecting cross-border data transfers. As such, it will be worth monitoring developments.

The free flow of personal data may indeed be interrupted in the event that the UK amends its privacy laws to significantly deviate from the “gold standard” provided under the EU’s GDPR, in which case it is highly possible that any adequacy decision may be revoked - as we have recently seen with the EU-US Privacy Shield which was invalidated following the Schrems 2.0 case. Indeed, the draft decision from the European Commission on the finding of adequacy for the UK is subject to a 4 year review - as whilst EU laws have shaped the UK’s privacy practices to-date, divergences may well occur as the UK is no longer bound by EU law.

Electronic signatures and contracts

The TCA contains provisions that guarantee that neither the UK nor the EU will discriminate against or deny the legal admissibility of electronic signatures or electronic contracts on the basis that they are in a digital format. As a result, any contracts that a business or individual may conclude via electronic signature platforms will be legally accepted in both territories and their courts. 

This is exceptionally important now more than ever, given that most people are working from home, and electronic signatures are the quickest way to execute agreements. 

However, there are some exceptions to contracts that can be completed digitally, such as contracts relating to broadcasting, gambling, real estate rights, family law, succession or legal representation, or contracts that require in-person witnesses. Furthermore, both the UK and the EU are free to require the use of an accredited electronic authentication service for certain types of contracts. 

Source code 

For those businesses in the programming and software industry, the TCA also contains provisions in relation to the forced transfer of or access to “source code”.

For a quick description, software has computer-readable code (known as object code) and human-readable code (the source code). As this source code is “human-readable”, it can be replicated, altered, or tampered with. As such, limiting or restricting access to source code is vital to protect your intellectual property rights. Rules on accessing this source code through the reverse engineering of the object code (for example, via decompilation) are in place to protect owners.

The TCA states that neither the UK nor the EU can require the forced transfer of or access to source code owned by a natural person or legal entity.

This is again subject to certain exceptions, including the terms of any applicable commercial agreement. For example, some parties will negotiate to have access to the source code in the event a party’s business becomes insolvent or liquidated, as without this access, any issues in the software can no longer be remedied. 

Customs duties on electronic transmissions and the prior authorisation of online services

Any electronic transmissions are considered to be a “service” under the TCA, and neither the UK nor the EU can impose customs duties on such electronic transmissions. 

The TCA also provides that if a business provides services by electronic means, then prior authorisation solely on the ground that the service is provided online will not be required. However, again, there are exceptions to this rule, including in relation to broadcasting, gambling and legal representation services. 

In conclusion

In light of the exit of the UK from the EU, the two parties have reached a rather flexible position on the future of digital trade between the two regions, which presently does not contain any significant barriers - potential privacy matters aside. This is key given the extremely important role of digital trade to both British and European economies and the role it will play in the survival and growth of several businesses during and post-pandemic – both small and large. 

For now, it seems that businesses operating in the field of digital trade (even if a company is only using using digital tools such as e-signatures) can carry on more or less as normal for the time being. 

Of course, things do become more complex where digital trade exists in a regulated sector such as banking, or where digital trade activities also extend to physical exports and imports, in which case, it is vital to ensure activities are in compliance with the other provisions of the TCA. 

If you have any questions or queries in relation to the above, please do not hesitate to contact us.

Article by Komal Shemar @ Gerrish Legal, first published on ContractorUK in February 2021 / Cover photo by rupixen.com on Unsplash

Previous

The Economy of Influence and Privacy Rights: Focus on Clubhouse
Next

Guidance from the CNIL: What to Expect During an Investigation