UK government unveils new data protection laws promising £1bn in savings to businesses
The UK government has released details of its plans to introduce new business-focused data protection laws in its latest ‘crackdown on bureaucracy’.
The proposals, which were announced at the end of London Tech Week this week, plan to reform current UK data protection laws, giving businesses greater flexibility in how they obtain consent to use data of a customer.
The arrival of these reforms would remove most of the European Union’s General Data Protection Regulation (GDPR), which was introduced four years ago and requires companies to adhere to complex “checkmark” exercises. and limits how companies can use the data they collect.
GDPR’s uniform prescriptive requirements add an additional level of burden on businesses in some cases, including requiring some small businesses to have a data protection officer and engage in time-consuming assessments.
The new UK GDPR means that these companies will no longer have to use this agent, as long as they are able to manage the risks effectively themselves, while the amount of paperwork and bureaucracy has also been reduced.
However, companies will still need to complete a privacy management program, so that they can remain capable of handling data properly while ensuring that they are able to meet the requirements of the reforms.
It is hoped the announcement will be a big boost for UK business and commerce, with the government presenting analysis from the Department for Digital, Culture, Media and Sport (DCMS) when explaining how such a move could save money business books. 1 billion over a period of 10 years.
In addition to cleaning up data consent, the bill also redefines how companies can market to new customers, preventing them from contacting customers without their consent.
The bill increased fines for breaching the UK’s current Privacy and Electronic Communications Regulations (PECR). Instead of a fine of £500,000, the current maximum, businesses that send nuisance calls and texts can expect to pay £17.5million or 4% of global turnover, according to the highest amount.
It will allow customers to automatically disable cookies and annoying pop-ups while browsing the internet – a big relief for everyone – being the general theme of the PECR update.
The reform will also introduce the Information Commissioner’s Office (ICO), the UK’s main data regulator, to a new chairman, chief executive and board, moving the regulator from a data-driven approach to tasks to a goal-based approach.
The ICO will develop new company-specific statutory codes and guidelines, sharing the most efficient ways to use and store data. This will make the ICO more dynamic and bring it closer to the companies it works with, while encouraging regulators to be held accountable for their actions.
Data has become the backbone of fintech and financial services, with consumers depending on its use to power the applications and services they use and interact with every day. For businesses, data enables them to make better and more informed business choices, while being able to offer better tailored and responsive services to their consumers.
The announcement explained how data-driven trade generated almost three-quarters of the UK’s total services exports and generated around £234 billion for the economy in 2019.
Digital secretariat Nadine Dorries recognized the UK’s GDPR reform as “an important step in cementing Britain’s post-Brexit position as a science and technology superpower”, going on to explain that “our new Reform Bill will make it easier for businesses and researchers to unlock the power of data to grow the economy and improve society, but retains our global benchmark for data protection.
“Outside the EU, we can ensure people can control their personal data, while preventing businesses, researchers and civil society from being held back by a lack of clarity and cumbersome EU legislation.”
The move is set to enable UK businesses to use data in a way that more effectively meets their needs as a business and the needs of their customers through the creation of more personalized services. It will foster a new attitude towards data research and the application of that research, while encouraging the UK to form new international data partnerships.
Speaking about his support for the ambition of these reforms, the British Information Commissioner John Edwards said in the announcement: “Data protection law must give people the confidence to share their information to use the products and services that power our economy and our society.
“The proposed changes will allow my office to continue to operate as a trusted, fair and impartial regulator, and allow us to be more flexible and target our action in response to the greatest harms.
“We look forward to continuing to work constructively with the government as the proposals move forward and we will continue to monitor how these reforms are expressed in the bill.”
Provide insight from an industry perspective, Jon Bainessenior data protectionspecialist at Mishcon de Reya LLPcommented: “The data protection law reform proposals are very important for individuals and organizations and will no doubt be the subject of much parliamentary debate before they are adopted.
“The government is not advancing many of the proposals it put forward last year, but this is still a major set of proposed changes. Many of the proposed reforms are clearly intended to be business-friendly.
“The UK will however retain the current UK GDPR framework, which is strongly linked to the EU GDPR. However, there is always a risk that the European Commission will see some of the changes as a “step too far” and lead it to review the current “adequacy” framework allowing the free transfer of personal data between the EU and the Kingdom. -United”.