On Monday, the Government introduced its post-Brexit data protection reforms, prepared by Department for Digital, Culture, Media & Sport (DCMS). DCMS first announced details of its Data Reform Bill following its consultation on data: a new direction a month ago. The new 192-page Data Protection and Digital Information Bill is broken up into six parts:
- Data protection
- Digital verification services
- Customer data and business data
- Other provisions about digital information
- Regulation and oversight
- Final provisions.
Since the government first proposed to reform its data protection laws, concerns have been raised about the future of its adequacy deal with the EU. Addressing those concerns, Matt Warman, Minister for Media, Data and Digital Infrastructure, said in a statement about the bill: "The EU does not require countries to have the same rules to grant adequacy, so it is our belief that these reforms are compatible with maintaining a free flow of personal data from the European Economic Area." He went on to say the new bill allows the UK to "strike partnerships with some of the world's fastest growing economies" and that the reforms "ensure that the mechanisms to transfer personal data internationally are secure and flexible to help British businesses grow."
The IAPP has posted a summary of the new data reform bill along with proposals to regulate the use of artificial intelligence.
Ahead of the government announcement, the Open Rights Group published a summary of all the issues they expect to find in the upcoming UK Data Reform Bill.
Editors note: We will update this summary article with more details as they emerge.
UPDATE: 200722
- Mischon de Reya published an excellent summary assessment of what they describe as a "long and complex" bill ahead of a more detailed examination.
- Pinsent Masons write in a detailed review of the bill that they concur with the DCMS stated intention of evolution rather than revolution. However, they also warn there is a risk the proposed law could fail to satisfy anyone by either not going far enough to encourage innovation or diverging too far from EU rules and threatening the UK's adequacy status.
- Infosecurity Magazine voiced concerns over the new bill after consulting legal experts. Jon Baines, senior data protection specialist at Mishcon de Reya, said: "With the multiple amendments proposed in the bill, the UK GDPR is starting to look quite different to its European cousin. And the more the two regimes diverge, the more there is a risk that the EU might question whether it still considers the UK to have an "adequate" regime for the purposes of data transfers."
UPDATE: 210722
- Open Rights Group publishes an analysis looking at how the bill will affect people. The article focuses on data transfers, claiming the bill creates a 'data oligarchs charter' and a surveillance state. it also covers the risks to businesses, data security and the government's plans to politicise the ICO.
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 5,750 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.