New Data Protection Bill to expand digital rights
8th August 2017
The government announced yesterday (7 August) that it plans to introduce a new Data Protection Bill which will aim to improve and expand the rights of internet users to view and control their online personal data.
The bill, drafted by Digital Minister, Matt Hancock, has been designed to allow people to request that sensitive data or information – including, for example, childhood social media activity – is deleted by the companies which hold it, unless it can be demonstrated that there is good reason for not doing so.
It is thought that the new bill will roughly replicate measures already being brought in by the European Union’s forthcoming General Data Protection Regulation (GDPR), but with the intention of safeguarding the rights it guarantees in post-Brexit Britain.
Under the proposals, companies which are found to have breached the new regulations could face fines of as much as £17million, compared to the current limit of £500,000.
‘Real risk’ of inadvertent fines
The Information Commissioner’s Office – the non-departmental body which reports to Parliament on data protection matters – welcomed the announcement, with information commissioner Elizabeth Denham stating in a government press release that she is “pleased the government recognises the importance of data protection, its central role in increasing trust and confidence in the digital economy and the benefits the enhanced protections will bring to the public.”
The announcement was not without its critics, however, with most concern over the proposals coming from groups representing the UK’s small businesses. Mike Cherry, chairman of the Federation of Small Businesses, told the BBC that not enough information has yet been shared with the companies his organisation represents: “They simply aren’t aware of what they will need to do”, Mr Cherry argued, “which creates a real risk of companies inadvertently facing fines.”
The government will be hoping that such concerns can be addressed well before the new Data Protection Bill is passed into law. If this is not the case, a significant amount of work for lawyers could be generated by small firms looking to protect their business models against any unwanted effects of the upcoming changes.