You may be aware that a new piece of legislation, the Data Protection and Digital Information Bill (the Bill) had been passing through the parliamentary process. The Bill’s intention was to update and simplify the UK GDPR and Data Protection Act 2018 with a view to reducing the burden on organisations, while maintaining high data protection standards. It aimed to introduce more flexibility and makes provision for a variety of measures relating to personal data and other information, including digital information.
The second reading of the Bill was due to take place in the House of Commons on 5 September 2022. However, as a result of the subsequent change of Prime Minister, the Government decided to postpone this so as to give the matter more consideration.
At the recent Conservative party conference, the Secretary of State for Digital, Culture, Media and Sport announced that the Government planned to replace UK GDPR with a bespoke British data protection system. It’s clear that the Government feels that the bureaucratic nature of the UK GDPR limits the potential of UK businesses, and can lead to excessive caution amongst staff in the handling of data, especially for smaller organisations.
The Government intends the new system to be business and consumer-friendly, to protect consumer privacy and keep their data safe, while retaining data adequacy for the UK, and also for it to be simpler and clearer for businesses to navigate. The Government wishes to focus on growth and common sense, to help prevent losses from cyber-attacks and data breaches, and to continue to protect data privacy.
The announcements suggest that the Data Protection and Digital Information Bill will either be further delayed, substantially re-drafted, or even scrapped whilst the Government takes a fresh look at the United Kingdom’s approach data protection.
Obviously if there is to be a new and entirely separate data protection regime in the UK, then domestic businesses who share data with, or deal with individuals and entities in the EU will need to comply with both the UK and the EU (GDPR) regimes.
The Information Commissioner's Office (the UK’s independent body set up to uphold information rights) has stated that it is "pleased to hear the Government's commitment to protecting people's privacy, preserving adequacy and simplifying data protection law", and said “we look forward to seeing further details and stand ready to provide our advice and insight”. As such, the position with regard to how this important area of the law will develop remains extremely unclear, and very much a case of watch this space. Of course, in the meantime, the law with regard to data protection remains unchanged.
Are you aware that FSB members can book a call with a solicitor or tax expert through the FSB website? Log in and click on Legal Hub – then click on Book a call and follow the steps. Here’s the link: https://www.fsblegalhub.co.uk/fsb/lets-talk