Sector Overview

The UK digital sector covers digital goods, digital services and digitally-enabled transactions of goods and services, whether digitally or physically delivered, involving consumers, business or government, all of which are underpinned by movement of data across borders. The digital sector includes: audio-visual (AV); e-commerce; telecommunications; data; and a raft of emerging sectors, such as artificial intelligence (AI), FinTech (which is dealt with in a separate report), the internet of things, and cyber security.

The current EU regulatory regime

Existing regulatory arrangements for the digital sector are largely driven by the European Commission’s Digital Single Market (DSM) Strategy,17 published in May 2015. This outlined 16 initiatives to update the Single Market for the digital age, promote digital trade and encourage the growth of the digital economy. These consist of a mix of regulatory and non-regulatory measures, covering digital, broadcasting and telecoms. The DSM includes initiatives on:
– free flow of data;
– cyber security;
– e-Privacy;
– setting ICT standards; and
– intellectual property.

While a number of these initiatives have been agreed and are being or have been implemented (e.g. the cessation of mobile roaming charges in the EU, or the Portability Regulation), the majority are currently under negotiation, or are awaiting concrete proposals from the European Commission.

Key DSM files or associated regulatory regimes (not covered in separate telecoms and broadcasting reports) which have importance to the wider UK economy, not just the digital sector itself, include: data protection; the ePrivacy Directive; the free flow of data; the eCommerce Directive; the Network and Information Security Directive; and wider technical standards and regulation.

Data Protection

Everyone responsible for processing personal data has to abide by rigorous data protection standards. The Commission and Member States regard data protection reform as a key enabler of the Digital Single Market – not just for the digital sector, but also underpinning the whole economy. From 25 May 2018, the EU General Data Protection Regulation (GDPR) will replace the 1995 Data Protection Directive as the EU standard on general data processing.

The UK Government has introduced a new Data Protection Bil to repeal and replace the Data Protection Act 1998 with a new law that provides a comprehensive and modern framework for data protection in the UK. This will introduce stronger sanctions for malpractice and set new standards for protecting general data – in accordance with the GDPR – giving people more control over use of their personal data, and providing new rights to move or delete personal data.

The ePrivacy Directive

The ePrivacy Directive gives people specific privacy rights in relation to electronic communications. It has been implemented by the UK through the Privacy and Electronic Communications Regulations. The Commission recently proposed a revision of the Directive. The Directive has specific rules on: marketing calls, emails, texts and faxes; cookies (and similar technologies); keeping communications services secure; and customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.

Free Flow of Data

The Commission’s Free Flow of Data proposal aims to address barriers to the efficient access, storage and use of non-personal data across EU borders, in order to unlock economic growth. It currently proposes a regulation which majors on data localisation (e.g. limiting member states from mandating that data must be stored in their own jurisdictions). The wider initiative is looking at other data related issues, such as access, re-use, ownership, liability, interoperability and portability. The Commission is expected to bring forward action in some or all of these areas during 2018.

The eCommerce Directive

The Electronic Commerce (eCommerce) Directive seeks to contribute to the proper functioning of the internal market by ensuring the free movement of ‘information society services’ between Member States. Information society services are any services normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services. It covers online services normally provided for remuneration.

This also covers services which are not remunerated by those who receive them, such as those offering on-line information or commercial communications, or those providing tools allowing for search, access and retrieval of data. One of the key parts of the Directive is its limited liability regime. This provides information society services with liability protection from hosting, caching ortransmitting illegal/unlawful content, provided certain conditions are met.

Network and Information Security (NIS) Directive

The NIS Directive, which comes into effect in May 2018, affects providers of certain key digital services (search engines, online marketplaces and cloud computing services). Its provisions aim to make the online environment more trustworthy and hence to support the smooth functioning of the EU DSM. These digital service providers will be required to implement appropriate security measures and report incidents to a national authority.

The directive aims more generally to improve cyber security capabilities in Member States and to improve Member States’ cooperation on cyber security. It also requires security and incident reporting requirements for operators of essential services in certain critical sectors (including the energy, transport, banking and healthcare sectors).

Wider technical standards and regulations

European Standardisation Regulation – 2012/1025 – describes how the EU works with standardisation and a legal hierarchy of standards and how they relate to each other.

Information and communications technology (ICT) and digital technical standards are driven by industry and commercial needs. Standards bodies formally recognised by governments predominate on telecoms-related issues, but newer commercially-led standards organisations (sometimes called ‘ad hoc’ or ‘de facto’ organisations) are widely used in newer digital technologies. The current digital ecosystem uses standards from a complex mix of both sources. The major formal organisations include the International Telecommunication Union (ITU) and the European Telecommunications Standards Institute (ETSI).

Amongst major ‘de facto’ organisations are the Institute of Electrical and Electronics Engineers (IEEE), the World Wide Web Consortium (W3C) and the Internet Engineering Task Force (IETF). The commercial nature of most of these bodies means the UK’s relationship with them is unlikely to change as a result of the its exit from the EU. The UK’s British Standards Institution (BSI) participates in European institutions CEN and CENELEC, which provide platforms for the development of European Standards and other technical specifications. The BSI’s future membership of CEN and CENELEC is primarily a matter for the BSI.Existing frameworks for how trade is facilitated between countries in this sector

The arrangements described in this section are examples of existing arrangements between countries. They should not be taken to represent the options being considered by the Government for the future economic relationship between the UK and the EU. The Government has been clear that it is seeking pragmatic and innovative solutions to issues related to the future deep and special partnership thatwe want with the EU.

There are a number of existing arrangements governing the way in which non-EU Member States trade with the EU in this sector.

World Trade Organisation (WTO) rules set out the basis for trade globally, through agreements such as the General Agreement on Tariffs and Trade (GATT), the General Agreement on Trade in Services (GATS) and the Agreement on TradeRelated Aspects of Intellectual Property Rights (TRIPS) agreements.

Signatories are also able to enter into further economic integration arrangements through bilateral (country to country) or plurilateral (regional) trading relationships. These build on WTO rules and seek to liberalise trade commitments for relevant sectors further.

In the case of trade in services, such agreements seek to identify and remove nontariff barriers to trade, such as nationality requirements or limitations on the number of service suppliers across four modes of supply – cross border trade; consumption abroad; commercial presence; and presence of natural persons.

From a digital goods perspective, the Information Technology Agreement (ITA), signed in 1996, lowers all taxes and tariffs on information technology products by signatories to zero. At the Nairobi Ministerial Conference in December 2015, over 50 members concluded the expansion of the Agreement, which now covers an additional 201 products valued at over US$1.3 trillion per year. These products include video games and consoles, home hi-fi systems, headphones, blue-ray/DVD players, semi-conductors, and GPS devices.

The digital sub-sector is dynamic and changes quickly, which has posed some challenges in reaching a widely accepted definition of what it encompasses and, therefore, securing deep trading commitments. As outlined above, the main framework for trade in services is rooted in the 1996 WTO General Agreement on Trade in Services (GATS), which pre-dates the large majority of modern digital transformation. This means that the most relevant part of GATS provisions cover access to telecommunications markets and infrastructure, without a broader emphasis on digital trade.

However, there are increasing precedents for provisions which enable digital trade in a range of agreements, which go further than the GATS provisions. For example, recent free trade agreements have sought to address mobile network issues, including network access, mobile roaming, and trade issues related to cross-border data flows.

Devolution issues and Gibraltar, the Crown Dependencies and Overseas Territories

Digital policy is a UK-wide issue. However, emerging technologies impact on policy areas of the wider economy, including devolved areas such as health and skills. With digital clusters and successful digital industries based across the UK, as highlighted in the Tech Nation 2017 review,18 Government will continue to engage with Scotland, Wales and Northern Ireland to ensure that implementing the 2017 UK Digital Strategy19 benefits UK citizens as a whole.

Gibraltar is in the EU and regulatory arrangements for the digital sector apply. The Crown Dependencies are not in the EU, but have data adequacy decisions from the EU, and have started taking steps to implement the EU General Data Protection Regulation (GDPR). The other Overseas Territories are also not in the EU, but Article 37 of the Overseas Association Decision entitles co-produced audiovisual works to benefit from any scheme for the promotion of local or regional cultural content set up in the EU, the Overseas Territories and the Member States to which they are linked.

Share this article

Leave a Reply

Your email address will not be published. Required fields are marked *