Data adequacy and cross-border privacy rules were on the agenda at the first “comprehensive dialogue on technology and data” meeting between US and British officials in Washington. An adequacy agreement would allow information to flow freely across the Atlantic, and ensure UK citizen data is protected. The government has yet to confirm when a deal will take place, having initially said last year it would be done in a “matter of weeks”, but hopes to complete it this year.
In October, the Department for Digital, Culture, Media and Sport (DCMS) confirmed it was working on an adequacy agreement with the US and hoped to reach an agreement in weeks, but it has yet to materialise. At that meeting, a new annual dialogue was agreed between the two countries on technology and data cooperation.
The first of those “dialogues” was held in Washington this week to discuss potential areas of agreement that could be reached this year including improving global trusted data flows and multilateral discussions with the Global Cross-Border Privacy Rules Forum.
This forum was launched in April last year to establish a certification system companies can use to demonstrate compliance with a range of internationally agreed privacy standards. It is a major step towards a new international data framework and is designed to improve data flows between countries.
Officials also agreed to finalise and implement a data bridge for US-UK data flows that would allow for an adequacy agreement and reduce the risk of UK companies falling foul of UK data regulations when sharing information across the Atlantic.
These types of data adequacy agreements allow personal data to be transferred between countries. The UK already has an agreement with the EU and South Korea.
The US also has a data privacy agreement with the EU known as the Data Privacy Framework, finally agreed last year after two previous data-sharing agreements were invalidated in the European courts following challenges by privacy campaigners.
These succeeded as the level of data protection in the US was lower than what is required under GDPR as US government agencies can requisition data from the servers of private companies as part of an investigation – something counter to EU legislation.
A UK-US agreement presents a similar risk for British citizens’ data but previously the DCMS has said it would ensure “robust protections” are in place under any agreement.
UK US tech talks: OpenRAN and semiconductors
As well as agreeing to formalise a data bridge between the UK and US, officials at the dialogue agreed to promote secure and interoperable telecommunication systems such as the UK-backed OpenRAN, as well as work on ensuring a cooperative approach to telecoms R&D.
There will also be discussions on license-exempt technologies in the 6 GHz band, the upper part of which is already used by a range of services including fixed satellite services, short-range devices, Earth exploration satellites and radio astronomy, however telecommunications industry body GSMA describes this band as “vital to the future of global connectivity”.
Officials also agreed to champion the new OECD Global Forum on Technology to support shared ambitions for a wider community of partners committed to ensuring technology is designed, developed and deployed in a way that reflects the “shared values” of members.
Semiconductors were also on the agenda, as the US looks to reduce its reliance on chips made in China, and place limitations on Chinese access to high-end technology. The US and UK will look to identify ways for closer cooperation on semiconductors including through skills, investment and R&D.
Standards in artificial intelligence, designed to create trustworthy AI were also discussed, including the development of joint research projects, information sharing and commercial cooperation.
No specific agreements have been revealed beyond the areas where there will be more specific work between officials throughout 2023. There will be quarterly updates published with the next round of discussions scheduled for January 2024.