UK government to fortify data protection legislation

In reaction to the government’s commitment to update and strengthen current data protection laws they have created a new bill which aligns with the EU’s General Data Protection Regulations, (GDPR).

The bill is being put in place to provide Britons with the confidence that their data will be managed securely and safely. The bill will equip individuals with the opportunity to have control over their data online meaning they are able to request for their information or personal data to be erased.

This will also mean that individuals can ask social media channels to delete information they posted during their childhood. The reliance on default opt-out or pre-selected ‘tick boxes’, which are largely ignored, to give consent for organisations to collect personal data will also become a thing of the past.

Businesses will be supported and guided through the changes to ensure they are able to manage and secure data thoroughly and to a high standard. The data protection regulator, the Information Commissioner’s Office (ICO), will also be given more power to protect consumer interests and issue higher fines, of up to £17m or 4% of global turnover, in cases of the most serious data breaches.

Matt Hancock, Minister of State for Digital commented: “Our measures are designed to support businesses in their use of data, and give consumers the confidence that their data is protected and those who misuse it will be held to account. The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world. The Bill will give people more control over their data, require more consent for its use, and prepare Britain for Brexit. We have some of the best data science in the world and this new law will help it to thrive.”

The Data Protection Bill will:

  • Make it simpler to withdraw consent for the use of personal data
  • Allow people to ask for their personal data held by companies to be erased
  • Enable parents and guardians to give consent for their child’s data to be used
  • Require ‘explicit’ consent to be necessary for processing sensitive personal data
  • Expand the definition of ‘personal data’ to include IP addresses, internet cookies and DNA
  • Update and strengthen data protection law to reflect the changing nature and scope of the digital economy
  • Make it easier and free for individuals to require an organisation to disclose the personal data it holds on them
  • Make it easier for customers to move data between service providers

Data protection rules will also be made clearer for those who handle data, but they will be made more accountable for the data they process, with the priority on personal privacy rights. New criminal offences will be created and implemented to deter companies from intentionally or recklessly creating situations where someone could be identified from anonymised data.

Julian David, CEO of techUK, said:

“The UK has always been a world leader in data protection and data-driven innovation. Key to realising the full opportunities of data is building a culture of trust and confidence. This statement of intent is an important and welcome first step in that process. techUK supports the aim of a Data Protection Bill that implements GDPR in full, puts the UK in a strong position to secure unhindered data flows once it has left the EU, and gives businesses the clarity they need about their new obligations.”

The government hopes that the bill will bring the European Union’s General Data Protection Regulation (GDPR) into UK law, helping Britain prepare for Brexit.

Estio Technology are committed to providing high quality IT opportunities across the UK throughout the Brexit process and beyond. Apply for your ideal IT role today here.

Factual information sourced from GOV.