WILL BREXIT LEAD TO A TECHXIT?
WHAT DOES THE EU REFERENDUM RESULT MEAN FOR THE UK’S TECHNOLOGY BUSINESSES?
OVERVIEW “When you come out of the storm, you won’t be the same person who walked in. That’s what this storm’s all about” wrote Haruki Murakami, in Kafka on the Shore. Tech businesses in a post-Brexit world would do well to take on board such an outlook, because the world appears more tempestuous than ever. Fortunately, few sectors are better equipped to manage. This is an industry used to driving change, not just adapting to it. Make no mistake though. We are in a storm. The UK’s credit rating has been downgraded and recently the pound fell to a 31 year low. Gartner’s forecast, issued one day before the referendum, predicted 1.7
per cent growth in UK technology investment. Today, estimates are between two and five per cent lower. Why? Because from smartphones to servers, consumers and businesses alike delay purchases in uncertain times. Especially when overall spending power is being squeezed by rising import prices. Major strategic decisions are similarly deferred, with companies either abandoning or pausing M&A activity and expansion plans - which typically drive investment in enterprise technology, such as datacentres and cloud computing. Yet this is just the beginning for the potential issues and sectors affected by Brexit.
Tech Talent & The UK Skills Gap The UK’s technology skills shortage is widely documented, with businesses needing to actively recruit staff from across Europe to plug the gap. A member survey by Tech London Advocates – an industry group representing approximately 3,000 senior business people in the capital’s tech scene, found 87 per cent opposed Brexit due to fears it would make it harder for British companies to employ overseas talent.
With, for example, some of the best developers coming from places like Bulgaria and Romania in Eastern Europe – not having free trade and movement agreements with these countries could raise the cost of hiring and reduce the attractiveness of London. Highly skilled migrants could seek ‘easier’ placements in other European tech hubs such as Munich, Lisbon and Dublin.
Data, Privacy, Cybersecurity & Compliance The General Data Protection Regulation (GDPR) standards come into force in 2018 and any UK business processing data from EU citizens will need to comply. Until then, the 1998 UK Data Protection Act still applies. If GDPR does not produce the desired results and needs to be adjusted, the UK will no longer be able to influence those discussions, but UK businesses will still need to comply with the outcomes if they want to continue doing business in the EU. For UK citizen’s data, we will at least have a choice whether to adopt similar regulation to GDPR or do something different. It was hoped the recently approved Privacy Shield agreement would provide UK-based companies with legal certainty around the transfer of data between the EU and US. Now though, while businesses could sign up to the new mechanism, it is void once the UK officially leaves the EU. Nor can the UK begin negotiations with the US now to sign its own data transfer deal, because it gave the EU Commission the mandate to negotiate on its behalf. This means
waiting until the UK has officially left, and even then will be no easy feat. It took years for the US to convince EU officials it would sufficiently protect EU citizens’ privacy, given reports of mass surveillance programmes by the NSA. Now the UK too will have to convince the EU it offers “adequate” protection, in spite of reports of similar programmes run by the Government Communications Headquarters (GCHQ). As it stands, the UK’s Information Commissioner has said the UK may have to adopt EU data protection rules to trade, post-Brexit. It remains to be seen whether the UK Cabinet will choose to stay the course in the upcoming EU-wide 2016 National Cyber Security Strategy. Nor does the UK have long (two and a half years) to transpose The Cybersecurity Directive (NIS) into law, following its official publication, due this summer. This will bind UK-based companies to new data breach notification requirements. The point here is that UK businesses had a fair amount of digital red tape to wrangle before the referendum. This will only add to and complicate the burden.
Edelman | Southside | 105 Victoria Street | SW1E 6QT London | www.edelman.co.uk | 0203 047 2000 | @edelmanUK