Last week I attended an event at the University of Sussex (organised by Charles Meredith and other students) discussing the potential legal implications of Brexit, and I was tasked with looking at some of the aspects that may affect Intellectual Property and Information Technology. Here are a few of my notes regarding the potential implications of Brexit.
Firstly I need to point out that I am not able to vote on the referendum, so please take these notes with a pinch of salt. I do not want to tell anyone how to vote, but personally I would definitely vote to stay in the EU if I was able to do so.
Secondly, we still do not know a lot of the legal detail of a potential Brexit vote. Article 50 of the Lisbon Treaty allows member states to unilaterally leave the Union and establishes a procedure for such exit. The member state has to notify the European Council and then there will be a period of negotiation with the intention of publishing a withdrawal agreement. Failing that, the exit will take place two years after notification. This means that the legal detail will have to be ironed out at a later date, leaving several open questions about the status of existing legal instruments.
It is of particular importance to know what will happen with existing directives that have been transposed to UK law, and also what will happen with the Court of Justice of the European Union (CJEU) case law. I’ve been reading some interesting legal opinions, but the reality is that there are still many uncertainties. For the purpose of this analysis, let’s assume that most of the existing European law will remain on the books until it is repealed or amended. This could be a substantial political battle after the vote, and I would argue that there are a lot of rights gained through European law that should be protected.
We’ll now discuss some specifics.
Most substantive aspects of intellectual property law are harmonised at international level through international treaties administered by the World Intellectual Property Organization (WIPO), and the WTO’s own TRIPS agreement. This means the basic substantive elements would remain unchanged.
However, a lot of the detail is harmonised at the European level, particularly when dealing with registration of patents and trade marks. There are two European IP institutions: the European Patent Office (EPO, non-EU), and the Office for the Harmonisation of the Internal Market (OHIM, EU).
Our EPO membership would remain intact, but unless something happens during the negotiation process, we would lose our membership status in the European trade mark system, and this could be detrimental to the UK. The practical result of such a withdrawal would be that UK enterprises would have to apply separately to the OHIM for a trade mark. At the moment, this is something that can be done at the UK IP Office by applying for a Community Trade Mark (CTM).
However, things are further complicated by the fact that soon we will get a unitary European patent and a unitary patent court as part of the EU system. The unitary patent will considerably reduce costs of applying for patents across Europe, and while these will be operated by the EPO, the system is part of the EU. It is not clear what will happen to the unitary patent in case of a Brexit vote, but analysts tend to agree that this will delay the implementation.
One of the main areas of concern for me is what will happen to the CJEU case law. We have a good number of cases that in my opinion enhance various concepts of IP protection, and that bring balance to areas such as copyright enforcement. The concept of originality itself depends on a number of CJEU decisions, such as Infopaq and Painer. Will UK move away from these decisions, or will they continue to be informed by them? Then we have important enforcement cases, such as SABAM, Promusicae, and Svensson, just to name a few.
Information Technology Law
IT law is not harmonised at an international level in the same way that IP is, so a lot of the harmonisation is regional, or imposed by bilateral agreements. The main effect of a Brexit vote is that we would immediately lose coordination on important subjects. While many things would depend on the terms of the withdrawal agreement, we will assume that most of the directives would stay in place, but this would still leave a lot of open questions.
The main piece of legislation in the area is the E-Commerce directive, which is vital for the safeguard of intermediaries by limiting their liability. We would hope that this would remain in place in UK law, but the questions is what would happen to the many interpretations that have been performed by the CJEU over the years (eg L’Oreal). We would also need to know what happens with the latest ECHR rulings on this subject (Delfi and MTE).
But my main concern is with regards to data protection law. The Data Protection Directive has been one of the most important legal developments in the area of IT Law for a generation, and it has spawned a complex system of protection that includes the creation of data protection authorities across Europe. These are tasked with safeguarding the information self-determination of European citizens. Although it would be assumed that the DP Act would remain in place, the data protection regime is about to be overhauled with the enactment this year of the General Data Protection Regulation (GDPR). we do not know what would happen to the GDPR in case of a Brexit vote, and it will all depend on the terms of withdrawal. My hunch is that it will be incorporated as UK law. Yet another possible complication leading to more legal uncertainty.
My other main concern is what will happen to the recent ground-breaking CJEU data protection cases, namely Schrems and Google Spain (of “right to be forgotten” fame). I strongly believe that the right to be forgotten has been a good development, and while there is a version of the RTBF present in the GDPR, everything would depend on whether this is incorporated into the law or not. Schrems causes even more questions. The main result of that litigation was to strike down the existing Safe Harbor agreement between the EU and the US allowing for the export of European citizens’ personal data. This has now been replaced with the so-called Privacy Shield. So here is a fun scenario for you to consider. What if we vote to stay out, and also pass the Investigatory Powers Bill currently in from of parliament? It would be possible, as some argue, that the IP Bill would be in breach of Privacy Shield requirements, so UK-based technology companies would not be allowed to host European personal data.
The result would probably be a mass migration of tech companies to EU countries, a disaster for the economy! Emily Taylor says:
“If it becomes law, a post-Brexit UK would be unlikely to meet the standards required for Privacy Shield status. This would prohibit cross border data transfers between UK and EU. Even if there is some cobbled together agreement, Britain may find its former EU partners less willing to jump to the negotiating table to rescue UK economic interests. British business would continue to face barriers, and British citizens would end up with fewer protections than EU citizens against UK government intrusion.”
There are too many uncertainties, but for now it seems like the prospects are mostly negative. Increased legal uncertainty, push-back against acquired rights, possible migration of tech businesses, political fight over existing legislation… the list goes on.