It was back in 1998 that Parliament passed the Data Protection Act. Perhaps one of the Acts of Parliament that we are most familiar with (in name anyway), it has transformed almost every aspect of our lives. This of course has brought many advantages, making the world a smaller place and transforming the UK’s economy. But there have been some disadvantages too, such as the worried parents have that their children may be vulnerable.
Many of these disadvantages have occurred in recent years, as the digital world has moved on but the Data Protection Act has not. The Data Protection Act has served the UK and its citizens well for many years but now the government believes that it is the right time for a new bill to replace it that reflects both the changes in technology and society. As Matt Hancock, Minister of State for Digital States in his foreword to the proposal of the new bill:
“The Data Protection Bill, promised in our manifesto and announced in the Queen’s speech, will bring our data protection laws up to date. It will both support innovation by ensuring that scientists and businesses can continue to process data safely. It will ensure that we can remain assured that our data is safe as we move into a future digital world based on a system with more accountability, but less bureaucracy. The Bill includes tougher rules on consent, rights to access, rights to move and rights to delete data. Enforcement will be enhanced, and the Information Commissioner given the right powers to ensure consumers are appropriately safeguarded.”
The new Data Protection Bill also comes at a particularly apt time. Whilst recently, on 23 June, 2016, the UK voted to leave the European Union. However, this will not mean that the UK will be exempt from the new European Union General Data Protection Regulations. This is both because the UK will still be in the EU when GDPR becomes live on May 25 2018 and the law applies to any organization in the world who process the data of EU citizens, thus affecting thousands of UK businesses. Speaking about this, Matt Hancock in his statement writes:
“Bringing EU law into our domestic law will ensure that we help to prepare the UK for the future after we have left the EU. The EU General Data Protection Regulation (GDPR) and the Data Protection Law Enforcement Directive (DPLED) have been developed to allow people to be sure they are in control of their personal information while continuing to allow businesses to develop innovative digital services without the chilling effect of over-regulation. Implementation will be done in a way that as far as possible preserves the concepts of the Data Protection Act to ensure that the transition for all is as smooth as possible, while complying with the GDPR and DPLED in full.”
The full statement of intent was published by the government on 7 August 2017 and the Bill will go before parliament as soon as they return from their summer recess.