The government has re-introduced its Data Protection and Digital Information (DPDI) Bill, claiming the new laws will cut down pointless paperwork for businesses, reduce annoying cookie pops-up and remove barriers to international trade.
Initially launched last summer, the bill was paused in September 2022 to allow a “co-design process” with business leaders and data experts.
According to the new Department for Science, Information and Technology (DSIT), the replacement for the EU’s GDPR regime will unlock £4.7bn in savings over the next 10 years.
Secretary of state for science, innovation and technology, Michelle Donelan, said: “Co-designed with business from the start, this new bill ensures that a vitally important data protection regime is tailored to the UK’s own needs and customs.”
GDPR replacement
DSIT claims the new laws build on the UK’s high standards for data protection and privacy, ensuring data adequacy while moving away from the ‘one-size-fits-all’ approach of GDPR.
This will support more international trade without creating extra costs for businesses if they are already compliant with current data regulations, the government said.
Data-driven trade generated 85% of the UK’s total service exports and contributed an estimated £259bn for the economy in 2021.
Cautious welcome
Data watchdog, the UK Information Commissioner, welcomed the reintroduction of the bill and its ambition to enable organisations to grow and innovate while maintaining high standards of data protection rights.
John Edwards, UK information commissioner, said:
“Data protection law needs to give people confidence to share their information to use the products and services that power our economy and society. The bill will ensure my office can continue to operate as a trusted, fair and independent regulator.”
Naomi Weir, CBI innovation programme director said data is essential for businesses to address business challenges and innovate.
“Government has worked closely with business to understand their data priorities, including using data for research and innovation,” she added.
Designed with business
Changes were suggested by a steering group that includes the Data and Marketing Association (DMA), with a focus on ensuring that consumer privacy is respected while also streamlining the ability of marketers to collect data, reports the Drum.
But some industry commentators think more needed to be done to enable marketers to operate.
Christie Dennehy-Neil, head of policy and regulatory affairs at internet advertising body the IAB urged the government to extend cookie consent exemptions to advertising measurement and analytics, which are necessary, non-intrusive functions.
“This would achieve the risk-based and proportionate approach to cookie consent that the government wants. In its current form, the bill doesn’t make the most of this opportunity for meaningful change,” she said.
According to Techcrunch, the new proposed bill represents the government being able to claim to be making the most of its post-Brexit powers to set its own rules, while ensuring that it retains the fundamentals of the existing framework.
Keeping some alignment is necessary to keep data flowing from the EU to UK businesses and avoid a major economic hit were the UK to lose its EU adequacy status, which is due to be reviewed in 2025.