Response to the UK GDPR consultation published
The government have published the draft legislation to amend the data protection regime in the UK. The Data Protection and Digital Information Bill (DPDIB), which was introduced to Parliament just before the summer recess and before the appointment of the new government in September, would modify the existing UK version of GDPR and cause some significant areas of diversion with EU GDPR. Earlier this year, VinciWorks outlined the key changes that were expected to be made. The aim of the new UK data protection legislation is to ease GDPR requirements for companies and make them less burdensome.
What are the key changes the UK data protection bill seeks to introduce?
Among other things, the changes will:
- amend the definition of personal data
- use AI to process sensitive data and other information
- add new legitimate interests
- remove the requirement for cookie consent
- amend accountability requirements
- remove the need to appoint a data protection officer
- charge fees to access your own data
- remove record-keeping requirements
- reform of the Information Commissioner’s Office (ICO)
- raise fines for PECR breaches
Even though the bill proposes widespread changes, it actually preserves the existing UK GDPR and the PECR, as it was drafted as an amending act rather than a completely new legislative instrument.
In addition, there is a chance that political factors could stymie the bill. If an election is called prior to the bill receiving royal assent, it won’t become law. The UK’s adequacy status with the EU remains a question, even though the government has expressed the opinion it is entirely possible to retain it.
New courses and resources coming soon
VinciWorks is closely following the legislation and will, in the coming weeks and months, be releasing new updated resources, guides and a completely revised UK GDPR course that will reflect the changes and keep you and your organisation aware of everything you need to know about the updated bill.
You can keep up with the latest via our blog and through the Regulatory Agenda that we publish, which documents new and important compliance regulations.