DEBATE: Much of the proposed Data Protection Bill will become law under the EU GDPR regardless – is there any point in it?
Unequivocally yes. Whether or not this is political posturing around the edges of GDPR from the government, the UK needs a new set of data laws, and frankly the sooner the better. This will provide the British public with a renewed faith in companies. These laws, almost exactly mirroring the GDPR coming into force next May, will also force companies to be more open, honest and transparent about how they use consumer data. Those companies that fail to abide by the new rules will face the prospect of heavy fines. They are good for business, good for consumers and good for society – and should be welcomed. They provide consumers and businesses with more choice and therefore more control. Digital minister Matt Hancock will no doubt be aware that engagement from business is at best lacklustre, in large part due to a lack of definitive advice from Brussels. These new laws should act as a final warning to all businesses to start putting consumer wishes first.
In the Queen’s Speech, the government announced its commitment to GDPR. As the regulation has already been imported into UK law and is not set to be repealed post-Brexit, it seems very odd that many of the provisions in the UK’s Data Protection Bill are already covered by GDPR. The right to be forgotten, data porting, and the need for explicit consent when businesses use personal data are all major parts of GDPR and will be enforced in May 2018 regardless. What is even stranger is that the government seems to have gone quiet about its “Snoopers Charter” approach on holding data on UK citizens. If you were to put two and two together, you might be forgiven for thinking that this “new” regulation could be a Trojan Horse, designed to eventually either water-down key provisions of GDPR or slip in controversial measures giving the government special powers to collect data or break encryption.