In an attempt to cut European Union red tape once and for all, the government are pushing forward with its Data Reform Bill.
Moving away from the “highly complex” data protection laws, the government laid out its plans in the Queen’s Speech this morning to depart from the the existing General Data Protection Regulation (GDPR) and the Data Protection Act.
The government called the two laws “complex and prescriptive”, and argued that the new bill would reduce burdens on businesses as well as provide clarity to researchers on how best to use personal data.
Though there was no exact detail in what this would mean in practice, the government said it would streamline data protection laws and reduce the burden on businesses; this will focus on outcomes “rather than box-ticking exercises”.
According to analysis by the Department for Digital, Culture, Media and Sport, the reforms will create over £1bn in business savings over ten years by reducing burdens on businesses of all sizes.
Commenting on the government’s new proposals, partner at Charles Russell Speechlys Jonathan McDonald said that while it “smooths the process” in terms of direction, “the government is yet to set out its position”.
CEO and Founder of Ethyca, New York-based privacy technology firm, Cillian Kieran weighed in, and expressed uncertainty towards the UK’s grand plans for reform.
He said: “Those concerned that high data protection standards pose an impediment to innovation should consider that data adequacy offers huge efficiencies in terms of both resource and planning certainty for UK-based companies doing business in Europe.
“What will the innovation opportunity cost be if UK compliance teams are forced to spend years reworking data and data transfer policies as a result of losing adequacy with the EU?”
He suggested the departure from EU mechanisms may result in a significant drag to business rather than a benefit.
“Jeopardizing adequacy status could backfire for groups who see higher data protection standards as an impediment to innovation. In order to preserve data flows and promote collaboration, different jurisdictions need to be able to bridge their requirements for data processing”, Kieran suggested.