{"id":36743,"date":"2022-06-17T06:00:00","date_gmt":"2022-06-17T06:00:00","guid":{"rendered":"https:\/\/cloudnewshub.com\/archives\/36743"},"modified":"2022-06-17T06:00:00","modified_gmt":"2022-06-17T06:00:00","slug":"government-responds-to-data-reform-bill-consultation","status":"publish","type":"post","link":"https:\/\/cloudnewshub.com\/?p=36743","title":{"rendered":"Government responds to Data Reform Bill consultation"},"content":{"rendered":"<div><img decoding=\"async\" src=\"http:\/\/cloudnewshub.com\/wp-content\/uploads\/2022\/06\/government-responds-to-data-reform-bill-consultation.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>The government has published its long-awaited response to <a href=\"https:\/\/www.computerweekly.com\/news\/252506493\/UK-GDPR-faces-changes-under-planned-reforms\">a consultation on the proposed Data Reform Bill<\/a>, pledging to press ahead with a number of changes, that the government says will boost businesses, protect consumers and seize the \u201cbenefits\u201d of Brexit.<\/p>\n<p>Its proposals include clamping down what it perceives as red tape around privacy and data protection to save an estimated \u00a31bn, while strengthening data protection standards, reforming the Information Commissioner\u2019s Office (ICO), giving innovators and researchers more flexibility in how they use data in their work, and increasing fines for people who misuse data.<\/p>\n<p>In a move guaranteed to catch the attention of consumers, it also proposes to adopt new measures to <a href=\"https:\/\/www.computerweekly.com\/news\/252506318\/ICO-in-bid-to-end-cookie-pop-ups\">minimise the number of cookie pop-ups<\/a> people see online.<\/p>\n<p>Outlining its response at the end of London Tech Week, the government said that data was core to the UK economy, with data-driven trade generating 75% of the country\u2019s services exports, and revenues of \u00a3234bn in 2019, and touched both the core of how businesses operate and how people live their daily lives.<\/p>\n<p>\u201cToday is an important step in cementing post-Brexit Britain\u2019s position as a science and tech superpower. Our new Data Reform Bill will make it easier for businesses and researchers to unlock the power of data to grow the economy and improve society but retains our global gold standard for data protection,\u201d said digital secretary Nadine Dorries.<\/p>\n<p>\u201cOutside of the EU we can ensure people can control their personal data, while preventing businesses, researchers and civil society from being held back by a lack of clarity and cumbersome EU legislation.\u201d<\/p>\n<p>John Edwards, the recently appointed information commissioner, said he shared the government\u2019s ambitions and was particularly pleased that <a href=\"https:\/\/www.computerweekly.com\/news\/252507865\/ICO-expresses-concerns-over-its-future-independence\">the ICO\u2019s concerns around its future independence<\/a> under the new regime had been taken into account.<\/p>\n<p>\u201cData protection law needs to give people confidence to share their information to use the products and services that power our economy and society. The proposed changes will ensure my office can continue to operate as a trusted, fair and impartial regulator, and enable us to be more flexible and target our action in response to the greatest harms,\u201d said Edwards.<\/p>\n<p>\u201cWe look forward to continuing to work constructively with the government as the proposals are progressed and will continue to monitor how these reforms are expressed in the bill.\u201d<\/p>\n<p>At their core, the reforms hinge on the government\u2019s belief that the European Union (EU) General Data Protection Regulation (GDPR), which transposed into UK law as the UK GDPR after Brexit was finalised, held organisations back from using data in a dynamic way.<\/p>\n<p>It said there was a lack of clarity in the GDPR that led to an overreliance on box ticking, and that the regulation was overly reliant on a one-size-fits-all approach that failed to account for the unique needs of disparate organisations, placing a particular burden on small and medium enterprises (SMEs) and startups. It is these burdens the government is set on removing.<\/p>\n<p>For example, the bill will remove the UK GDPR\u2019s requirements giving organisations little flexibility about risk management, including the need for small business to appoint a data protection officer (DPO) or undertake data protection impact assessments (DPIAs). This will mean, for example, that a small independent retailer working online won\u2019t have to recruit a dedicated data expert provided it can prove it has someone to manage the risks effectively.<\/p>\n<p>In other key areas, the government is proposing to increase fines for nuisance calls, texts and other serious data breaches under the Privacy and Electronic Communications Regulations (PECR) from the current maximum of \u00a3500,000 to come in line with GDPR\u2019s limits of up to 4% of global turnover of \u00a317.5m.<\/p>\n<p>The PECR will also be the mechanism by which the government seeks to cut down on the number of cookie consent pop-ups, which currently display every time a user visits a new website. In future, an opt-out model will come into play, reducing the need for users to click through consent banners on every site they visit.<\/p>\n<p><a href=\"https:\/\/www.techuk.org\/\">TechUK<\/a> CEO Julian David agreed that the GDPR as introduced was far from perfect, saying: \u201cThe challenge in reforming it has always been how to retain key protections for citizens while introducing clarity and flexibility to enable growth in data-driven innovation and new technologies such as AI [artificial intelligence].<\/p>\n<p>\u201cThe reforms announced today find a good balance between making the UK\u2019s data protection system clearer, more flexible and more user friendly to researchers, innovators and smaller companies, while at the same time maintaining levels of data protection in line with the highest global standards.\u201d<\/p>\n<p>David did, however, speak of some outstanding questions around how exactly the reforms will work in practice, specifically around the cookie opt-out system, and proposals for balancing tests with regard to data processing.<\/p>\n<p>\u201cHowever, on the whole this is a welcome package of reform. TechUK will continue to work closely with the government on these outstanding questions and we look forward to seeing the draft Data Reform Bill in due course,\u201d said David.<\/p>\n<section class=\"section main-article-chapter\" data-menu-title=\"EU clash avoided?\">\n<h3 class=\"section-title\"><i class=\"icon\" data-icon=\"1\"><\/i>EU clash avoided?<\/h3>\n<p>Peter Church, a counsel in <a href=\"https:\/\/www.linklaters.com\/en\">Linklaters<\/a> global data team, said it appeared that the government had walked back some of the more radical suggestions, such as scrapping GDPR entirely and replacing it with a new framework \u2013 which would have set the UK on yet another collision course with the EU.<\/p>\n<p>\u201cThis is hardly a surprise given data protection laws are now a global norm and the GDPR is the template upon which many of those laws are based,\u201d said Church. \u201cThis is good news for data flows between the EU and the UK, as these more modest reforms mean the EU Commission is less likely to revoke the UK\u2019s adequacy finding, which would have caused significant disruption.<\/p>\n<p>\u201cThe UK is [also] starting to go its own way in relation to international data transfers. The new requirements in the EU to risk assess transfers are turning out to be very costly and time consuming, so there is certainly space for the UK to take a more balanced approach.\u201d<\/p>\n<p><a href=\"https:\/\/www.cliffordchance.com\/home.html\">Clifford Chance<\/a> tech lawyer Herbert Swaniker said that how the reforms translate into the bill will still be monitored closely by other governments and by organisations that operate in both the UK and EU.<\/p>\n<p>\u201cThe impact, particularly for larger companies, remains to be seen. Many organisations create global data superstructures, where a UK-specific approach could introduce complexity in decision-making, tech engineering and business costs.&nbsp;The EU Commission will closely monitor these developments. Securing the EU-UK adequacy decision was a top priority,\u201d said Swaniker.<\/p>\n<p>\u201cData borders and tech wars highlight the economic value and geopolitical nature of data.&nbsp;Last summer, UK businesses were relieved when the EU decided to allow continued free flow of personal data from the bloc to the UK.&nbsp;That decision is based on the UK\u2019s data rules being essentially equivalent to the EU\u2019s.&nbsp;These reforms will need to carefully balance maintenance of this hard-won decision. The UK government\u2019s council of experts will play an important role in striking the right balance.<\/p>\n<p>\u201cObviously some are concerned that reform could threaten the EU\u2019s decision to allow free flow of personal data to the UK. Careful and thoughtful reform can help bridge any gaps that would threaten the data bridge that has been created on the basis of the current similarity of the EU and UK data framework,\u201d he added.<\/p>\n<p>Beyond this, said Swaniker, it will be critical to review the data transfer proposals in a global context as well on the basis that pursuing partnerships and security data flows isn\u2019t only something of interest to the UK \u2013 the European Commission and the US have fingers in the pie too.<\/p>\n<\/section>\n","protected":false},"excerpt":{"rendered":"<p>The government has published its long-awaited response to a consultation on the proposed Data Reform Bill, pledging to press ahead with a number of changes, that the government says will boost businesses, protect consumers and seize the \u201cbenefits\u201d of Brexit. Its proposals include clamping down what it perceives as red tape around privacy and data [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":36744,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[533],"tags":[],"class_list":["post-36743","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it"],"_links":{"self":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/36743","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=36743"}],"version-history":[{"count":0,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/36743\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/media\/36744"}],"wp:attachment":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=36743"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=36743"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=36743"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}