Brexit begins to deliver on race-to-the-bottom deregulation: according to reports from UK-based NGO Open Rights Group, the recent free-trade deal with Japan will allow GDPR-level protections on Britons’ data to be circumvented. Specifically, US-based companies will be able to route UK users’ data through Japan, thereby defeating regulatory protections UK law inherited from the EU. It is interesting to see strategies and loopholes traditionally used for internationally produced goods now being applied to user data.
Politico.eu recently ran an interview with Ciaran Martin, the outgoing chief of the UK’s National Cyber Security Centre. In it, Martin raises the alarm against Chinese attempts at massive data harvesting in the West (specifically in regard to the development of AI). This issue naturally dovetails with the US debate on the banning of TikTok. Herein lies the problem. Both national security agencies and major social media companies have endeavored to normalize perceptions of industrial data collection and surveillance over the past decade or two: that public opinion might be desensitized to the threat posed by foreign actors with access to similar data troves is therefore not surprising. The real challenge in repurposing a Cold War mentality for competition with China in the cyber domain today, in other words, is not so much a lag in Western –especially European– ICT innovation (Martin is himself slipping into a pantouflage position with a tech venture capital firm): it is a lack of urgency, of political will in the society at large, an apathy bred in part of acquiescence in surveillance capitalism.