According to an exclusive story published by news agency Reuters, UK-based Googlers are about to lose the protections afforded to them by European Union privacy regulators. As Britain exits the EU - we are currently in the agreed cushioning Brexit transition period - it remains unclear whether the government will follow the EU's General Data Protection Regulation (GDPR) or add it to a bonfire of regulations.
Three people familiar with Google's plans say that it will move British user accounts to U.S jurisdiction. It is understandable that a profit seeking multinational like Google will simply get rid of GDPR, which exerts some of the "world’s most aggressive data protection rules," if possible. Then we would be left with US rules by default, characterised in the report as "among the weakest privacy protections of any major economy".
Painting a bigger picture of changes we might expect, last week Pascal Lamy, the former Director-General of the World Trade Organisation (WTO), told attendees at a conference that "For the US data is there to buy and sell. For Europe data is private property. For China data belongs to the state and the Party." Thus it doesn't sound like a consumer favourable transition is on the way for Brits.
However, there might be some positives in the move from EU to US rules, says the Reuters report. The US recently enacted the Cloud Act, which makes it possible for foreign authorities (like those in the UK) to extract data from US-based companies. Right now under GDPR it is pretty difficult for UK law enforcement, for example, to get Google to hand over data kept in Ireland.
Whatever happens with Google - and you might have to click-sign a new agreement if/when the change goes ahead - it will likely be mirrored by Facebook, which has a similar operations setup.