In two of the Brexit negotiating papers published last week, the UK government sang the praises of EU mechanisms - in civil justice and data protection respectively - expressing the wish to remain as much as possible under the umbrella of EU law in these areas.
The Law Society has rightly patted itself on the back for its influence over the civil justice paper, which actually mentions the Law Society’s ‘thorough analyses on the value of comprehensive cooperation with the EU on civil justice’.
But there has been little attention paid to the second paper, on data protection. It acknowledges what has been widely known for a long time, that – whether we like it or not – we will continue to be bound by EU data protection legislation for data exchanges with the EU, even after we leave.
What is of interest to lawyers is that we are mentioned by name in the paper: ‘In the UK, it has long been established that personal information should be protected in certain contexts. Doctors are expected to protect confidential information about their patients, and lawyers about their clients.’
This should trigger a memory for lawyers, because it was not so long ago that the Law Society intervened in a case which ended up before the Court of Justice of the European Union (CJEU) - C‑698/15. It was brought initially by none other than our chief Brexit negotiator himself, David Davis, against his current boss, Theresa May, when they were each in their previous positions: he a backbench Conservative MP and she the home secretary. David Davis dropped out as soon as he was appointed to the government, and so the case is now known by the name of his co-plaintiff, Tom Watson, deputy leader of the Labour Party.
Their claim centred on whether the data retention provisions of the Data Retention and Investigatory Powers Act 2014 (DRIPA), promoted by Theresa May as home secretary, contravened EU law, including the provisions of the Charter of Fundamental Rights of the European Union. The Law Society intervened to express concern about the effect of blanket surveillance legislation on professional privilege.
The Court decided in Tom Watson’s favour, saying that EU law precludes national legislation regarding access by national authorities to retained data, where, among other things, access is not subject to prior review by a court or an independent administrative authority.
The case neatly illustrates the point that all EU law is tied together into an inseparable tangle, and it causes legal and structural disjunctions to choose parts of it and reject others.
So, the UK says in its latest paper that it loves EU data protection law and wants to continue to be part of it, so much so that it wants the Information Commissioner’s Office to participate in EU regulatory discussions which will take place after our departure. It also recognises the needs of lawyer confidentiality. But at the same time it says that it will no longer be bound by the Charter of Fundamental Rights, nor by the CJEU which interpreted the Watson case in the light of the Charter’s provisions. The UK adds in the paper that the EU must respect UK sovereignty, including the UK’s ability to protect the security of its citizens.
So how would the Watson case be dealt with under any future Brexit deal? Would our courts decide it differently, given that they are not judging the EU directive itself, but the law implementing it in the UK, and not in accordance with EU principles (for instance, the Charter) but with our own law? And what will that mean for lawyer-client confidentiality?
The UK says proudly in its latest paper that it ‘will fully implement’ EU data protection legislation after Brexit because of its current alignment, and that that is why things should go on as they are, through mutual recognition of each other’s systems. Mutual recognition, yes. But ‘fully implement’, no. The dispute resolution mechanism will be different (no CJEU); the principles of interpretation – the meaning - will also be different, because the UK has rejected the generality of EU law and values, including the Charter (which is practically the first item mentioned in the EU’s new data reform package as containing the principles which underlie its interpretation); and the UK will retain the right unilaterally to change its data protection laws to permit matters which EU law currently forbids.
At the time, the president of the Law Society hailed the outcome of the Watson case: ‘Today’s ruling strongly supports the need to protect sensitive information such as legally privileged material, which is private information belonging to the client, and to ensure it is accessed only when absolutely necessary, with robust and independent oversight.’
Will Watson eventually go the other way in the UK?
Jonathan Goldsmith is Law Society Council member for EU matters and a former secretary general of the Council of Bars and Law Societies of Europe. All views expressed are personal and do not necessarily reflect the views of the Law Society Council.