New data protection legislation for the UK that will replace the EU’s GDPR has been put before Parliament by Technology Secretary Michelle Donelan.
The Data Protection and Digital Information Bill aims to reduce the financial and administrative burdens of the current regulations on British businesses, remove barriers to international trade and cut the number of repetitive data collection pop-ups online.
The Bill is a revised version of the first draft introduced last year but was paused in September 2022 so that “ministers could engage in a co-design process with business leaders and data experts”.
In a statement from the newly created Department for Science, Innovation and Technology (DSIT), the new Bill is being badged as a “common-sense-led” version for the UK of the EU’s GDPR. The improved bill is designed to:
- Introduce a simple, clear and business-friendly framework that will not be difficult or costly to implement – taking the best elements of GDPR and providing businesses with more flexibility about how they comply with the new data laws
- Ensure our new regime maintains data adequacy with the EU, and wider international confidence in the UK’s comprehensive data protection standards
- Further reduce the amount of paperwork organisations need to complete to demonstrate compliance
Support even more international trade without creating extra costs for businesses if they’re already compliant with current data regulation - Provide organisations with greater confidence about when they can process personal data without consent
- Increase public and business confidence in AI technologies by clarifying the circumstances when robust safeguards apply to automated decision-making
The full text of the bill has yet to be published, but DSIT says the new version removes the stipulation, imposed as part of GDPR, for all businesses to keep data processing records. This requirement will now only apply to companies deemed to be engaging in “high risk” activities, such as working with health data. It will also detail circumstances where personal data can be processed without the subject’s consent for “certain public interest activities” around law enforcement and protecting vulnerable people.
The government states that it expects the new regime to save the UK economy more than £4 billion over the next 10 years while ensuring that privacy and data protection are securely protected.
Author
Gill Laing is a qualified Legal Researcher & Analyst with niche specialisms in Law, Tax, Human Resources, Immigration & Employment Law.
Gill is a Multiple Business Owner and the Managing Director of Prof Services - a Marketing Agency for the Professional Services Sector.
